20 matches found
EUVD-2007-4015
Malware in sbrugna...
EUVD-2007-4046
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2025-46734
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - league/commonmark is a PHP Markdown parser. A cross-site scripting (XSS) vulnerability in the Attributes extension of the league/commonmark library versions 1.5.0...
Linux Distros Unpatched Vulnerability : CVE-2022-42966
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the...
Linux Distros Unpatched Vulnerability : CVE-2021-47066
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: async_xor: increase src_offs when dropping destination page. Now we support sharing one page if...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2022-028 (ALASKERNEL-5.4-2022-028)
The version of kernel installed on the remote host is prior to 5.4.201-111.359. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-028 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/plane: Move range check for...
Sophos UTM Nessus Web UI Cross-Site Scripting Vulnerability
Sophos UTM is a unified threat management appliance, which provides gateway security and endpoint security. The appliance provides gateway security protection and endpoint security protection. Nessus Web UI is one of the components used to access the Nessus Vulnerability Scanner based on a web...
Fedora 8 : ssmtp-2.61-11.6.fc8.1 (2008-8040)
Fix for CVE-2008-3962. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Directory traversal
The SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to delete arbitrary files via unspecified vectors involving the deleteNessusRC method, probably a directory traversal vulnerability...
Directory traversal
Directory traversal vulnerability in a certain ActiveX control in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument to the saveNessusRC method, which writes text specified by the addsetConfig method, possibly related...
CVE-2007-4061
Directory traversal vulnerability in a certain ActiveX control in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument to the saveNessusRC method, which writes text specified by the addsetConfig method, possibly related...
CVE-2007-4062
CVE-2007-4062 affects Nessus Vulnerability Scanner 3.0.6 via the SCANCTRL.ScanCtrlCtrl.1 ActiveX (scan.dll). The vulnerability arises in the deleteNessusRC method, likely a directory traversal, allowing remote attackers to delete arbitrary files. Related Nessus NASL indicates Nessus for Windows v...
CVE-2007-4061
CVE-2007-4061 : Directory traversal via .. in the Nessus ScanCtrl ActiveX (SCANCTRL.ScanCtrlCtrl.1 in scan.dll) allows remote creation/overwrite of arbitrary files through saveNessusRC, potentially enabling code execution by writing to a Startup folder. Affected product: Nessus Vulnerability Scan...
CVE-2007-4031
Directory traversal vulnerability in a certain ActiveX control in Nessus Vulnerability Scanner 3.0.6 allows remote attackers to delete arbitrary files via a .. (dot dot) in the argument to the deleteReport method, probably related to the SCANCTRL.ScanCtrlCtrl.1 ActiveX control in scan.dll...
CVE-2007-4031
CVE-2007-4031 affects Nessus Vulnerability Scanner for Windows prior to 3.0.6.1, in the ScanCtrl ActiveX control (SCANCTRL.ScanCtrlCtrl.1 in scan.dll). The flaw allows directory traversal: an attacker who lures a user to a crafted page can cause deleteReport to send a .. path, enabling deletion o...
Nessus Vulnerability Scanner 3.0.6 - ActiveX Command Execution
Nessus Vulnerability Scanner 3.0.6 - ActiveX Command Execution Tested on Nessus 3.0.6 / IE 6 / XP SP2 Polish Just for fun ; -- obj.addsetConfig'shutdown -t 1000 -s -c "hello world ;" && pause', '', ''; obj.saveNessusRC"../../../../../../Documents and Settings/All Users/Menu...
Nessus Vulnerability Scanner 3.0.6 ActiveX Command Exec Exploit
Exploit for unknown platform in category remote exploits. Nessus Vulnerability Scanner 3.0.6 ActiveX Command Exec Exploit. Tested on Nessus 3.0.6 / IE 6 / XP SP2 Polish Ju...
Nessus Vulnerability Scanner 3.0.6 - ActiveX Remote Delete File
Nessus Vulnerability Scanner 3.0.6 - ActiveX Remote Delete File Tested on Nessus 3.0.6 / IE 6 / XP SP2 Polish Just for fun ; -- obj.deleteReport"../../../../../../../test.txt"; //Deleting file: C:\test.txt alert"done"; milw0rm.com 2007-07-26...
Nessus Vulnerability Scanner 3.0.6 ActiveX Remote Delete File Exploit
Exploit for unknown platform in category remote exploits. Nessus Vulnerability Scanner 3.0.6 ActiveX Remote Delete File Exploit. Tested on Nessus 3.0.6 / IE 6 ...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Windows GUI in Nessus Vulnerability Scanner before 3.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...