144 matches found
Dotnetnuke 6.0.x < 10.2.2 Force Friend Request Acceptance (GHSA-fpj4-9qhx-5m6m)
According to its self-reported version, the instance of Dotnetnuke running on the remote web server is 6.0.x prior to 10.2.2. It is, therefore, affected by a vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
EUVD-2021-22724
Malware in sbrugna...
EUVD-2020-12605
Malware in sbrugna...
EUVD-2021-8717
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-36093
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It's possible to create an email which can be stuck while being processed by PostMaster filters, causing DoS. This issue affects: OTRS AG OTRS Community Edition...
MongoDB 5.0.x < 5.0.31 / 6.0.x < 6.0.24 / 7.0.x < 7.0.21 / 8.0.x < 8.0.5 Improper Validation (SERVER-93497)
The version of MongoDB installed on the remote host is 5.0 prior to 5.0.31, 6.0 prior to 6.0.24, 7.0 prior to 7.0.21 and 8.0 prior to 8.0.5. It is, therefore, affected by a vulnerability as referenced in the SERVER-93497 advisory. - Under certain conditions, an authenticated user request may...
SUSE CVE-2024-43446
An improper privilege management vulnerability in OTRS Generic Interface module allows change of the Ticket status even if the user only has ro permissions. This issue affects: OTRS 7.0.X, OTRS 8.0.X, OTRS 2023.X, OTRS 2024.X, OTRS Community Edition: 6.0.x. Products based on the OTRS Community Edition...
MongoDB DoS Vulnerability (SERVER-92382) - Windows
MongoDB is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if...
GHSA-8G4Q-XG66-9FP4 Microsoft Security Advisory CVE-2024-43485 | .NET Denial of Service Vulnerability
Executive summary: Microsoft is releasing this security advisory to provide information about a vulnerability in System.Text.Json 6.0.x and 8.0.x. This advisory also provides guidance on what developers can do to...
UBUNTU-CVE-2024-43442
Improper Neutralization of Input done by an attacker with admin privileges 'Cross-site Scripting' in OTRS System Configuration modules and OTRS Community Edition allows Cross-Site Scripting (XSS) within the System Configuration targeting other admins. This issue affects: OTRS from 7.0.X through...
PT-2024-5943 · Otrs · Otrs
Name of the Vulnerable Software and Affected Versions: OTRS versions 7.0.X through 7.0.50; OTRS version 8.0.X; OTRS version 2023.X; OTRS versions 2024.X through 2024.5.X; OTRS Community Edition version 6.0.x. Description: The issue exists due to improper neutralization of input, allowing an attacker...
Oracle Siebel CRM SEoL (6.0.x)
According to its version, Oracle Siebel CRM is 6.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
Debian Linux SEoL (6.0.x)
According to its version, Debian Linux is 6.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
Exploit for CVE-2024-31771
CVE-2024-31771 TotalAV Arbitrary File Write TotalAV version...
VMware Fusion SEoL (6.0.x)
According to its version, VMware Fusion is 6.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
PT-2024-2215 · Atlassian +1 · Bamboo Data Center/Server +6
Name of the Vulnerable Software and Affected Versions: Spring Security versions 5.7.x prior to 5.7.12; Spring Security versions 5.8.x prior to 5.8.11; Spring Security versions 6.0.x prior to 6.0.9; Spring Security versions 6.1.x prior to 6.1.8; Spring Security versions 6.2.x prior to 6.2.3; Bitbucket...
VMware Spring Framework 6.0.0 - 6.0.13 DoS Vulnerability
The VMware Spring Framework is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2023-5421 Possible XSS execution in customer information
An attacker who is logged into OTRS as a user with privileges to create and change customer user data may manipulate the CustomerID field to execute JavaScript code that runs immediately after the data is saved. The issue only occurs if the configuration for AdminCustomerUser::UseAutoComplete was...
OTRS Cross-Site Scripting Vulnerability
OTRS is a service management application from OTRS Germany. A security vulnerability exists in OTRS versions prior to 7.0.47, 8.0.37, and OTRS Community Edition versions 6.0.X through 6.0.34, which originates from the fact that an attacker with the privilege to create and change...
CVE-2023-41104
libvmod-digest before 1.0.3, as used in Varnish Enterprise 6.0.x before 6.0.11r5, has an out-of-bounds memory access during base64 decoding, leading to both authentication bypass and information disclosure; however, the exact attack surface will depend on the particular VCL Varnish Configuration...