Photon OS 5.0: Linux PHSA-2026-5.0-0750

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0750. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2022-50926 WAGO 750-8212 PFC200 G2 2ETH RS Privilege Escalation

WAGO 750-8212 PFC200 G2 2ETH RS firmware contains a privilege escalation vulnerability that allows attackers to manipulate user session cookies. Attackers can modify the cookie's 'name' and 'roles' parameters to elevate from ordinary user to administrative privileges without authentication...

CVE-2022-50926

The vulnerability CVE-2022-50926 affects WAGO 750-8212 PFC200 G2 2ETH RS firmware. A flaw allows an unauthenticated attacker to escalate privileges by manipulating the session cookie’s name and roles, gaining administrative access. Documents indicate this is a cookie-based privilege escalation wi...

SUSE SLES15 / openSUSE 15 Security Update : rabbitmq-server (SUSE-SU-2025:3809-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3809-1 advisory. - CVE-2025-50200: prevented logging of Basic Auth header from HTTP requests bsc1245105 - fixed a bad logrotate configuration...

Security update for rabbitmq-server

This update for rabbitmq-server fixes the following issues: CVE-2025-50200: prevented logging of Basic Auth header from HTTP requests bsc1245105 fixed a bad logrotate configuration that allowed escalation from rabbitmq to root, /var/log/rabbitmq ownership is now 750 bsc1246091 Patch Instructions:...

SUSE-SU-2025:3809-1 Security update for rabbitmq-server

This update for rabbitmq-server fixes the following issues: - CVE-2025-50200: prevented logging of Basic Auth header from HTTP requests bsc1245105 - fixed a bad logrotate configuration that allowed escalation from rabbitmq to root, /var/log/rabbitmq ownership is now 750 bsc1246091...

EUVD-2020-4808

Malware in sbrugna...

EUVD-2020-4807

Malware in sbrugna...

EUVD-2019-2506

Malware in sbrugna...

EUVD-2018-20444

Malware in sbrugna...

Selea多款产品 安全漏洞

Selea Targa iZero and others are an optical character recognition camera for automatic license plate recognition from Selea, Italy. A security vulnerability exists in various Selea products, which stems from an unvalidated JSON POST parameter ipnotifyaddress and url, which could lead to a...

CVE-2023-28763

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters which can consume the server's resources sufficiently to make it unavailable over the...

CVE-2023-1150

Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets...

WAGO 750-8xx 安全漏洞

The WAGO wago 750-8xx is a series of programmable logic controllers from the German company WAGO. The devices are specifically designed for applications in industrial environments where digital algorithms operate electronic systems. A security vulnerability exists in the WAGO 750-8xx that stems...

WAGO Controller BACnet Security Vulnerability

WAGO Controller BACnet is a series of controllers from WAGO Germany. A security vulnerability exists in the WAGO Controller BACnet 750-831/xxx-xxx that stems from the presence of a buffer overflow vulnerability. An attacker can exploit the vulnerability by sending specially crafted packets to the...

Wago 750-88X and 750-89X Cross-site Scripting (CVE-2018-16210)

WAGO 750-88X and WAGO 750-89X Ethernet Controller devices, versions 01.09.1813 and before, have XSS in the SNMP configuration via the webserv/cplcfg/snmp.ssi SNMPDESC or SNMPLOCSNMPCONT field. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mor...

CVE-2023-49584

SAP Fiori launchpad - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, UI700 200, SAPBASIS 793, allows an attacker to use HTTP verb POST on read-only service causing low impact on Confidentiality of the application...

Design/Logic Flaw

SAP Fiori launchpad - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, UI700 200, SAPBASIS 793, allows an attacker to use HTTP verb POST on read-only service causing low impact on Confidentiality of the application...

The vulnerability of microprogrammed software in WAGO 750 programmable logic controllers, which stems from insufficient validation of input data, allows a intruder to trigger malfunctions during maintenance operations.

The vulnerability of the microprogrammed software in WAGO 750 programmable logic controllers is related to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause malfunctions by using specially crafted packages...

CVE-2023-1150

Uncontrolled resource consumption in Series WAGO 750-3x/-8x products may allow an unauthenticated remote attacker to DoS the MODBUS server with specially crafted packets...