SUSE SLED15 / SLES15 / openSUSE 15 Security Update : brltty (SUSE-SU-2025:1582-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1582-1 advisory. - Avoid having brlapi.key temporarily world-readable during creation bsc1235438. Tenable has extracted th...

CVE-2002-1834

The default configuration of Xerox DocuTech 6110 and DocuTech 6115 allows remote attackers to connect to the web server and 1 submit print jobs directly into the "print now" queue or 2 read the scanner job history...

CVE-2006-5025

Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner sHTTPScanner before 0.2 have unknown impact and attack vectors...

CVE-2002-1938

Virgil CGI Scanner 0.9 allows remote attackers to execute arbitrary commands via the 1 tar TARGET or 2 zielport ZIELPORT parameters...

Exploit for Use of Less Trusted Source in Apache Http_Server

CVE-2022-31813 Vulnerability Checker Author: Derek Odiorn...

CVE-2009-3177

Unspecified vulnerability in Kaspersky Online Scanner 7.0 has unknown impact and attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.8, 1 "Kaspersky Online Antivirus Scanner 7.0 exploit Linux" and 2 "Kaspersky Online Antivirus Scanner 7.0 exploit Windows." NOTE: a...

AlmaLinux 9 : php (ALSA-2025:7431)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:7431 advisory. php: Header parser of http stream wrapper does not handle folded headers CVE-2025-1217 php: Stream HTTP wrapper header check might omit basic auth header...

TYPO3 12.0.0 < 12.4.31 / 13.0.0 < 13.4.12 (TYPO3-CORE-SA-2025-012)

The version of TYPO3 installed on the remote host is 12.0.0 prior to 12.4.31 / 13.0.0 prior to 13.4.12. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2025-012 advisory. - Webhooks are inherently vulnerable to Server-Side Request Forgery SSRF, which can be...

Nuclei 3.4.4

Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives...

EulerOS Virtualization 2.12.1 : OpenIPMI (EulerOS-SA-2025-1549)

According to the versions of the OpenIPMI packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : OpenIPMI before 2.0.36 has an out-of-bounds array access for authentication type in the ipmisim simulator, resulting in denial of...

GraphQL Import Failed

GraphQL schema file could not be imported and cannot be used during the scan. No source data...

Apache Tomcat 10.1.0-M1 < 10.1.40 Multiple Vulnerabilities

The version of Apache Tomcat installed on the remote host is 9.0.0-M1 prior to 9.0.104, 10.1.0-M1 prior to 10.1.40 or 11.0.0-M1 prior to 11.0.6. It is, therefore, affected by multiple vulnerabilities : - A denial of service via invalid HTTP priority header. CVE-2025-31650 - A rewrite rule bypass...

CVE-2024-6711

The Event Tickets with Ticket Scanner WordPress plugin before 2.3.8 does not sanitise and escape some parameters, which could allow users with a role as low as admin to perform Cross-Site Scripting attacks...

WordPress plugin Event Tickets with Ticket Scanner 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

Alibaba Cloud Linux 3 : 0036: edk2 (ALINUX3-SA-2024:0036)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0036 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-14560: This CVE ID has been rejected or...

Alibaba Cloud Linux 3 : 0022: tigervnc (ALINUX3-SA-2023:0022)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0022 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-0494: RESERVED This candidate has been...

Alibaba Cloud Linux 3 : 0035: xmlrpc-c (ALINUX3-SA-2022:0035)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0035 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-25235: xmltokimpl.c in Expat aka libexpat...

KB5058385: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (May 2025)

The remote Windows host is missing security update 5058385 or Hot Patch 5058500. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. CVE-2025-29967 - Use of...

KB5058451: Windows Server 2012 Security Update (May 2025)

The remote Windows host is missing security update 5058451. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. CVE-2025-29967 - Use of uninitialized resource in Windo...

Adobe Dreamweaver 21.0 < 21.5 Arbitrary code execution (APSB25-35)

The version of Adobe Dreamweaver installed on the remote Windows host is prior to 21.5. It is, therefore, affected by a vulnerability as referenced in the APSB25-35 advisory. - Dreamweaver Desktop versions 21.4 and earlier are affected by an Access of Resource Using Incompatible Type 'Type...