112 matches found
terrascan Code Issue Vulnerability
Terrascan is an open-source static security analysis tool for infrastructure code, developed by Tenable. Terrascan versions 1.18.3 and earlier contain a code issue vulnerability. The vulnerability stems from a server-side request forgery flaw in the webhookurl parameter of the file...
EUVD-2016-10636
Malware in sbrugna...
EUVD-2017-2962
Malware in sbrugna...
EUVD-2005-2721
Malware in sbrugna...
EUVD-2007-1223
Malware in sbrugna...
EUVD-2024-36693
Malicious code in bioql PyPI...
Amazon Linux 2023 : clamav1.4, clamav1.4-data, clamav1.4-devel (ALAS2023-2025-1081)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1081 advisory. A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This...
ClamAV 1.2 < 1.4.3 DoS Vulnerability - Linux
ClamAV is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:clamav:clamav";...
ClamAV Buffer Error Vulnerability
ClamAV (Clam AntiVirus) is a free and open source antivirus program from the ClamAV team. The software is used to detect Trojans, viruses, malware and other malicious threats. ClamAV (Clam AntiVirus) suffers from a buffer error vulnerability that stems from excessive memory reads during UDF file...
Exploit for CVE-2025-30208
CVE-2025-30208 POC: CVE-2025-30208 pip install...
Exploit for SQL Injection in Glpi-Project Glpi
CVE-2025-24799 SQLi Scanner A fast SQL injection vulnerabilit...
PT-2025-26177 · Clamav +3
Name of the Vulnerable Software and Affected Versions: ClamAV (affected versions not specified). Description: A vulnerability in Universal Disk Format (UDF) processing could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This issue is due to...
CVE-2024-45520
WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1 allows a remote Denial of Service because of memory corruption during scanning of a PE32 file...
CVE-2024-45520
CVE-2024-45520 affects WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. The vulnerability allows a remote Denial of Service due to memory corruption while scanning PE32 files. The issue is documented with CVSSv3.1 base score 7.5 (HIGH), attack vector Network, no user interaction required, a...
CVE-2024-50386
Account users in Apache CloudStack by default are allowed to register templates to be downloaded directly to the primary storage for deploying instances. Due to missing validation checks for KVM-compatible templates in CloudStack 4.0.0 through 4.18.2.4 and 4.19.0.0 through 4.19.1.2, an attacker...
CVE-2024-45219 Apache CloudStack: Uploaded and registered templates and volumes can be used to abuse KVM-based infrastructure
Account users in Apache CloudStack by default are allowed to upload and register templates for deploying instances and volumes for attaching them as data disks to their existing instances. Due to missing validation checks for KVM-compatible templates or volumes in CloudStack 4.0.0 through 4.18.2....
Photon OS 5.0: Vim PHSA-2024-5.0-0383
An update of the vim package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0383. The text itself is copyright (C) VMware, Inc. ...
Fedora 40 : xen (2024-a5861bce91)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-a5861bce91 advisory. update to xen-4.18.3 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for th...
RHEL 8 : tar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - tar: null-pointer dereference in pax_decode_header in sparse.c (CVE-2019-9923) Note that Nessus has not tested for this...