Oracle Linux 9 : xorg-x11-server (ELSA-2024-9122)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9122 advisory. - Fix regression caused by the fix for CVE-2024-31083 - CVE fix for: CVE-2024-31080, CVE-2024-31081, CVE-2024-31082 and CVE-2024-31083 Tenable has...

XML External Entity (XXE) Injection

Overview phpoffice/phpspreadsheet is a Spreadsheet engine that Read, Create and Write Spreadsheet documents in PHP . Affected versions of this package are vulnerable to XML External Entity XXE Injection via the scan method in the XmlScanner class. Exploiting this vulnerability is possible when...

CVE-2024-52427

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Saso Nikolov Event Tickets with Ticket Scanner allows Server Side Include SSI Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through 2.3.11...

CVE-2024-52427

Deserialization of Untrusted Data vulnerability in Vollstart Event Tickets with Ticket Scanner event-tickets-with-ticket-scanner allows Server Side Include SSI Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through = 2.3.11...

CVE-2024-52427 WordPress Event Tickets with Ticket Scanner plugin <= 2.3.11 - Remote Code Execution (RCE) vulnerability

Deserialization of Untrusted Data vulnerability in Vollstart Event Tickets with Ticket Scanner event-tickets-with-ticket-scanner allows Server Side Include SSI Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through = 2.3.11...

CVE-2024-52427

CVE-2024-52427 affects WordPress Plugin Event Tickets with Ticket Scanner (

WordPress plugin Event Tickets with Ticket Scanner 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2024-35267 · Unknown · Event Tickets With Ticket Scanner

Name of the Vulnerable Software and Affected Versions: Event Tickets with Ticket Scanner versions 2.3.11 and earlier Description: The issue affects Event Tickets with Ticket Scanner, allowing Server Side Include SSI Injection due to improper neutralization of special elements used in a template...

Apache Tomcat < 9.0.97 Vulnerability

Binary data 701492.pasl...

Apache Tomcat 9.0.0-M1 < 9.0.96 / 9.0.92 < 9.0.96 Multiple Vulnerabilities

Binary data 701495.pasl...

Apache Tomcat 10.1.27 < 10.1.31 / 10.1.0-M1 < 10.1.31 Multiple Vulnerabilities

Binary data 701494.pasl...

Qualys released QScanner – a console vulnerability scanner for container images

QualysreleasedQScanner - a console vulnerability scanner for container images. Feed it an image and get a list of vulnerabilities a la Trivy. It supports: " Local Runtimes: Scan images from Docker, Containerd, or Podman. Local Archives: Analyze Docker images or OCI layouts from local files. Remot...

JetBrains TeamCity Login Scanner

This module performs login attempts against a JetBrains TeamCity webpage to bruteforce possible credentials. Module Options msf use auxiliary/scanner/teamcity/teamcitylogin msf auxiliaryteamcitylogin show actions ...actions... msf auxiliaryteamcitylogin set ACTION msf auxiliaryteamcitylogin show...

WordPress Event Tickets with Ticket Scanner plugin <= 2.3.11 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin Event Tickets with Ticket Scanner versions = 2.3.11...

Siemens Solid Edge Installed (Windows)

Binary data siemenssolidedgewininstalled.nbin...

WordPress Event Tickets with Ticket Scanner Plugin <= 2.3.11 is vulnerable to Remote Code Execution (RCE)

Software Event Tickets with Ticket Scanner Type Plugin Vulnerable versions = 2.3.11 Fixed in 2.3.12 OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2024-52427 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID 3ef418855694 Credits Hakiduck...

Fedora 37 : freerdp (2022-076b1c9978)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-076b1c9978 advisory. Update to 2.9.0 CVE-2022-39316, CVE-2022-39317, CVE-2022-39318, CVE-2022-39319, CVE-2022-39320, CVE-2022-41877 and CVE-2022-39347. Tenable has...

Fedora 37 : golang (2022-3b4c68d85d)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-3b4c68d85d advisory. go1.19.4 released 2022-12-06 includes security fixes to the net/http and os packages, as well as bug fixes to the compiler, the runtime, and the crypto/x509,...

Fedora 37 : grafana (2022-8f60426b65)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-8f60426b65 advisory. Automatic update for grafana-9.0.2-2.fc37. Changelog Wed Jul 13 2022 Andreas Gerstmayr 9.0.2-2 - use systemd-sysusers to create the Grafana user and group...

Fedora 41 : golang-uber-mock (2024-ec60f79b80)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-ec60f79b80 advisory. Automatic update for golang-uber-mock-0.4.0-1.fc41. Changelog Sat Mar 23 2024 Mikel Olasagasti Uranga - 0.4.0-1 - Update to 0.4.0 - Closes rhbz2271191...