NewStart CGSL MAIN 6.02 : dbus Vulnerability (NS-SA-2024-0062)
The remote NewStart CGSL host, running version MAIN 6.02, has dbus packages installed that are affected by a vulnerability: - An assertion failure vulnerability was found in D-Bus. This issue occurs when a privileged monitoring connection dbus-monitor, busctl monitor, gdbus monitor, or similar is...
NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2024-0066)
The remote NewStart CGSL host, running version MAIN 6.02, has firefox packages installed that are affected by multiple vulnerabilities: - In Expat aka libexpat before 2.4.5, there is an integer overflow in storeRawNames. CVE-2022-25315 - It was possible to construct specific XSLT markup that woul...
NewStart CGSL MAIN 6.02 : sip Vulnerability (NS-SA-2024-0063)
The remote NewStart CGSL host, running version MAIN 6.02, has sip packages installed that are affected by a vulnerability: - A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelperp.h in Qt/Qtbase. While rendering and...
F5 Networks BIG-IP : RADIUS authentication vulnerability (K000141008)
The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.1.2 / Hotfix-BIGIP-15.1.10.5.0.28.10-ENG.iso / Hotfix-BIGIP-16.1.5.1.0.13.7-ENG.iso / Hotfix-BIGIP-17.1.1.4.0.100.9-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000141008...
NewStart CGSL CORE 5.05 / MAIN 5.05 : openssh Vulnerability (NS-SA-2024-1002)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has openssh packages installed that are affected by a vulnerability: - openssh: A security regression CVE-2006-5051 was discovered in OpenSSH's server sshd. There is a race condition which can lead sshd to handle some signals i...
NewStart CGSL CORE 5.04 / MAIN 5.04 : openssh Vulnerability (NS-SA-2024-1001)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssh packages installed that are affected by a vulnerability: - openssh: A security regression CVE-2006-5051 was discovered in OpenSSH's server sshd. There is a race condition which can lead sshd to handle some signals i...
FreeBSD : firefox -- Potential memory corruption and exploitable crash (7ade3c38-6d1f-11ef-ae11-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7ade3c38-6d1f-11ef-ae11-b42e991fc52e advisory. [email protected] reports: An error in the ECMA-262 specification relating to Async Generators could...
FreeBSD : binutils -- Multiple vulnerabilities (943f8915-6c5d-11ef-810a-f8b46a88f42c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 943f8915-6c5d-11ef-810a-f8b46a88f42c advisory. [email protected] reports PR/281070: A new version of devel/binutils has been released...
Atlassian Confluence 9.0.x < 9.0.1 Multiple Vulnerabilities
According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 7.19.26, 7.20.x prior to 8.5.14, 8.6.x prior to 8.9.5 or 9.0.x prior to 9.0.1. It is, therefore, affected by a reflected Cross-Site Scripting XSS and a CSRF Cross-Site Reques...
FreeBSD : firefox -- multiple vulnerabilities (a3a1caf5-6ba1-11ef-b9e8-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a3a1caf5-6ba1-11ef-b9e8-b42e991fc52e advisory. [email protected] reports: This entry contains 8 vulnerabilities: Tenable has extracted the...
Atlassian Confluence < 7.19.26 Multiple Vulnerabilities
According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 7.19.26, 7.20.x prior to 8.5.14, 8.6.x prior to 8.9.5 or 9.0.x prior to 9.0.1. It is, therefore, affected by a reflected Cross-Site Scripting XSS and a CSRF Cross-Site Reques...
Atlassian Confluence 8.6.x < 8.9.5 Multiple Vulnerabilities
According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 7.19.26, 7.20.x prior to 8.5.14, 8.6.x prior to 8.9.5 or 9.0.x prior to 9.0.1. It is, therefore, affected by a reflected Cross-Site Scripting XSS and a CSRF Cross-Site Reques...
Atlassian Confluence 7.20.x < 8.5.14 Multiple Vulnerabilities
According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 7.19.26, 7.20.x prior to 8.5.14, 8.6.x prior to 8.9.5 or 9.0.x prior to 9.0.1. It is, therefore, affected by a reflected Cross-Site Scripting XSS and a CSRF Cross-Site Reques...
F5 Networks BIG-IP : libarchive vulnerabilities (K000140964)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the K000140964 advisory. CVE-2018-1000877 libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0...
Intel Quartus Prime < 24.1 (INTEL-SA-01127)
The version of Intel Quartus Prime installed on the remote host is prior to 24.1. It is, therefore, affected by a vulnerability as referenced in the INTEL-SA-01127 advisory. - Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition Design Software before version 24.1 may allow an...
PT-2024-40928 · Hwloc · Hwloc
Name of the Vulnerable Software and Affected Versions: hwloc affected versions not specified Description: The hwloc project has been archived by its developer and will no longer be maintained. This decision was made without any issues being reported. Recommendations: At the moment, there is no...
SUSE SLES15 / openSUSE 15 Security Update : frr (SUSE-SU-2024:3108-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3108-1 advisory. - CVE-2024-44070: Fixed missing stream length check before TLV value is taken in bgpattrencap bsc1229438 Tenable has extracted...
IBM: SSRF via host header let access localhost via https://go.dialexa.com
The SSRF vulnerability via the host header was reported to IBM, analyzed, and remediated. The external researcher @mersa-v6 discovered this issue...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel-firmware (SUSE-SU-2024:3081-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3081-1 advisory. - CVE-2023-31315: Fixed validation in a model specific register MSR that lead to modification of SMM...
FreeBSD : chromium -- multiple security fixes (26125e09-69ca-11ef-8a0f-a8a1599412c6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 26125e09-69ca-11ef-8a0f-a8a1599412c6 advisory. Chrome Releases reports: This update includes 4 security fixes: Tenable has extracted the...