58840 matches found
Fedora 40 : rsync (2025-b28759cb95)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-b28759cb95 advisory. New version 3.4.1, a couple of fixes for the 3.4.0 release. Tenable has extracted the preceding description block directly from the Fedora security advisory...
CBL Mariner 2.0 Security Update: rsync (CVE-2024-12087)
The version of rsync installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12087 advisory. - A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option,...
Fedora 41 : git-lfs (2025-1de066b8af)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-1de066b8af advisory. Update to latest version. Fix CVE-2024-53263. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
Fedora 40 : git-lfs (2025-50deb0acd5)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-50deb0acd5 advisory. Update to latest version. Fix CVE-2024-53263. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
Oracle Linux 9 : kernel (ELSA-2025-0578)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-0578 advisory. - arm64/sve: Discard stale CPU state when handling SVE traps Mark Salter RHEL-72218 CVE-2024-50275 - i40e: fix race condition by adding filter's...
Golang 1.22 < 1.22.11 / 1.23 < 1.23.5 Multiple Vulnerabilities
The version of Golang running on the remote host is 1.24 prior to 1.24rc2. It is, therefore, affected by multiple vulnerabilities: - net/http: Sensitive headers are incorrectly sent after cross-domain redirect CVE-2024-45336 - crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints...
Vim < 9.1.1043 Out-of-bounds Write
A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode -s -e, Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters ...
ServiceNow Platform Web Interface Detection
Binary data servicenowplatformwebdetect.nbin...
SAP NetWeaver AS ABAP (3550708)
The remote SAP NetWeaver ABAP server may be affected by an improper access control vulnerability. The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to access restricted information due to weak access controls. This can have a significant impact on the...
CVE-2025-22723
Unrestricted Upload of File with Dangerous Type vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Upload a Web Shell to a Web Server. This issue affects Barcode Scanner with...
CVE-2025-22723
CVE-2025-22723 concerns the UkrSolution Barcode Scanner with Inventory & Order Manager (Barcode Scanner plugin). The issue is an unrestricted upload of a file with a dangerous type, enabling an attacker to upload a web shell to the web server. Impact is described as high/high in the CVE metrics (...
CVE-2025-22723 WordPress Barcode Scanner and Inventory manager plugin <= 1.6.7 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Upload a Web Shell to a Web Server. This issue affects Barcode Scanner with...
PT-2025-4650 · Ukrsolution · Ukrsolution Barcode Scanner With Inventory & Order Manager
Name of the Vulnerable Software and Affected Versions: UkrSolution Barcode Scanner with Inventory & Order Manager versions 1.6.7 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can...
Cisco Catalyst Center Detection
Binary data ciscocatalystcenterversion.nbin...
PT-2025-15185
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A DLL Search Order Hijacking issue potentially allowed an attacker with administrator privileges to load a malicious dynamic-link library and execute its code. Recommendations: At the moment,...
WordPress plugin Barcode Scanner with Inventory & Order Manager Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A code issue vulnerability exists in...
Istio Sensitive Information Disclosure
When the 'x-envoy-peer-metadata' and/or 'x-envoy-peer-metadata-id' headers are present, they may include data deemed sensitive about the Kubernetes environment. No source data...
Fedora 41 : stb (2025-6a64d3b2fc)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-6a64d3b2fc advisory. Add another patch for the root cause of CVE-2021-45340. We already have a patch for CVE-2021-45340, but adding this new patch may prevent a related, unproven...
RedShift JDBC Installed
Binary data redshiftjdbcinstalled.nbin...
SonarSource SonarQube Server Web Interface Detection
Binary data sonarsourcesonarqubeserverwebdetect.nbin...