80 matches found
EUVD-2019-4218
Malware in sbrugna...
PT-2025-51591
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc3 Description A deadlock situation can occur during policy configuration within the block layer blk-cgroup. This deadlock is triggered by a circular locking dependency, specifically involving locks relat...
CVE-2022-4313
A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to execute arbitrary commands on credentialed scan targets...
Enable IMA Measurement
Integrity Measurement Architecture IMA is an integrity protection function of the kernel. When IMA is enabled, integrity measurement is provided for important system files based on user-defined policies. The measurement results can be used for local and remote integrity attestation. If IMA is...
Firewall Regulatory Networks for Autonomous Cyber Defense
In this paper, we present the principles of designing new self-organising and autonomous management protocol to govern the dynamics of bio-inspired decentralized firewall architecture based on Biological Regularity Networks. The new architecture called Firewall Regulatory Networks FRN exhibits th...
How to View or Change Encryption Policy Configuration for Xenmobile
How to view or change encryption policy configuration on a Xenmobile server...
CVE-2024-6148
Bypass of GACS Policy Configuration settings in Citrix Workspace app for HTML5...
CVE-2024-6148
CVE-2024-6148 affects Citrix Workspace app for HTML5 prior to version 2404.1. The Citrix CTX678037 security bulletin documents two vulnerabilities: (1) bypass of GACS Policy Configuration settings, and (2) redirection of users to a vulnerable URL (CVE-2024-6149). The issue originates in the HTML5...
CVE-2024-6148
Bypass of GACS Policy Configuration settings in Citrix Workspace app for HTML5...
PT-2024-5729 · Citrix · Citrix Workspace App For Html5
Name of the Vulnerable Software and Affected Versions: Citrix Workspace app for HTML5 affected versions not specified Description: The issue is related to a bypass of GACS Policy Configuration settings in the Citrix Workspace app for HTML5. This is due to incorrect default permissions. Exploitati...
Fedora 39 : ckeditor (2023-426b3a500d)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-426b3a500d advisory. - 4.22.0/4.22.1 - 4.21.0 - GHSA-vh5c-xwqv-cv9g / CVE-2023-28439 - 4.20.2 - 4.20.1 Tenable has extracted the preceding description block directly from the...
CVE-2023-4951
A cross site scripting issue was discovered with the pagination function on the "Client-based Authentication Policy Configuration" screen of the GreenRADIUS web admin interface. This issue is found in GreenRADIUS v5.1.1.1 and prior. A fix was included in v5.1.2.2...
CVE-2023-4951 Cross Site Scripting (XSS) Issue on "Client Based Authentication Policy Configuration" Screen
A cross site scripting issue was discovered with the pagination function on the "Client-based Authentication Policy Configuration" screen of the GreenRADIUS web admin interface. This issue is found in GreenRADIUS v5.1.1.1 and prior. A fix was included in v5.1.2.2...
Stay compliant and protect sensitive data with Zero Trust security
Regulatory standards frequently shift and tighten, especially with the rise of hybrid work environments. And with the explosion of data growth, organizations have seen a massive uptick in cybersecurity issues and needs. According to IBM’s 2022 Cost of a Data Breach Report, 83 percent of...
CVE-2023-28439
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special conditions: using one of the affected packages ...
Code injection
A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to execute arbitrary commands on credentialed scan targets...
PT-2023-14178 · Tenable · Tenable
Name of the Vulnerable Software and Affected Versions: Tenable products affected versions not specified Description: A vulnerability was reported where an authenticated user with Scan Policy Configuration roles in Tenable products could manipulate audit policy variables by modifying the scan...
CVE-2022-4313
A vulnerability was reported where through modifying the scan variables, an authenticated user in Tenable products, that has Scan Policy Configuration roles, could manipulate audit policy variables to execute arbitrary commands on credentialed scan targets...
Tenable Network Security Tenable.Sc和Nessus 安全漏洞
Tenable Network Security Nessus and Tenable.Sc are both products of Tenable Network Security, U.S.A. Nessus is an open-source system vulnerability scanner.Tenable.Sc is a vulnerability analysis solution. Sc is a vulnerability analysis solution that supports real-time vulnerability assessment and...
[R1] Tenable Plugin Feed ID #202212081952 Fixes Arbitrary Code Execution Vulnerability
R1 Tenable Plugin Feed ID 202212081952 Fixes Arbitrary Code Execution Vulnerability Arnie Cabral Fri, 03/10/2023 - 16:28 Audit files that are built into the Tenable products provide capability to adjust the audit evaluation to meet organizational requirements. A vulnerability was reported where...