
58840 matches found

The Hacker News
added 2024/11/12 6:0 a.m. | 14 views

New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks

Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer. "Ymir ransomware introduces a unique combination of technical features and tactics that enhance its...

CVSS 9.8 | AI score 7.5 | EPSS 0.15694
Exploits: 0
Tenable Nessus
added 2024/11/12 12:0 a.m. | 45 views

KB5046613: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (November 2024)

The remote Windows host is missing security update 5046613. It is, therefore, affected by multiple vulnerabilities - Windows Task Scheduler Elevation of Privilege Vulnerability CVE-2024-49039 - Windows Telephony Service Remote Code Execution Vulnerability CVE-2024-43620, CVE-2024-43621,...

CVSS 8.8 | AI score 8.3 | EPSS 0.81817
Exploits: 2 | References: 29
Tenable Nessus
added 2024/11/12 12:0 a.m. | 23 views

KB5046705: Windows Server 2008 R2 Security Update (November 2024)

The remote Windows host is missing security update 5046705. It is, therefore, affected by multiple vulnerabilities - Windows Telephony Service Remote Code Execution Vulnerability CVE-2024-43620, CVE-2024-43621, CVE-2024-43622, CVE-2024-43627, CVE-2024-43628, CVE-2024-43635 - Windows NT OS Kernel...

CVSS 8.8 | AI score 7.8 | EPSS 0.81817
Exploits: 1 | References: 22
Tenable Nessus
added 2024/11/12 12:0 a.m. | 34 views

KB5046665: Windows 10 LTS 1507 Security Update (November 2024)

The remote Windows host is missing security update 5046665. It is, therefore, affected by multiple vulnerabilities - Windows Task Scheduler Elevation of Privilege Vulnerability CVE-2024-49039 - Windows Telephony Service Remote Code Execution Vulnerability CVE-2024-43620, CVE-2024-43621,...

CVSS 8.8 | AI score 8.3 | EPSS 0.81817
Exploits: 1 | References: 22
Tenable Nessus
added 2024/11/09 12:0 a.m. | 20 views

SUSE SLES15 / openSUSE 15 Security Update : govulncheck-vulndb (SUSE-SU-2024:3950-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3950-1 advisory. - Update to version 0.0.20241104T154416 2024-11-04T15:44:16Z. Refs jscPED-11136 Go CVE Numbering Authority IDs added or updated...

CVSS 9 | AI score 7.1 | EPSS 0.36458
Exploits: 4 | References: 25
Tenable Nessus
added 2024/11/08 12:0 a.m. | 6 views

OracleVM 3.4 : kernel-uek (OVMSA-2024-0015)

The remote OracleVM system is missing necessary patches to address security updates: 4.1.12-124.91.3 - nfs_atomic_open: prevent parallel nfs_lookup on a negative hashed Al Viro Orabug: 37006239 4.1.12-124.91.2 - vhost/scsi: null-ptr-dereference in vhost_scsi_get_req Haoran Zhang Orabug:...

CVSS 7.1 | AI score 6.8 | EPSS 0.00522
Exploits: 1 | References: 7
Tenable Nessus
added 2024/11/07 12:0 a.m. | 11 views

RHEL 7 : java-1.8.0-ibm (RHSA-2024:1482)

The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1482 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

CVSS 7.4 | AI score 6.7 | EPSS 0.01026
Exploits: 0 | References: 8
Tenable Nessus
added 2024/11/05 12:0 a.m. | 3 views

Mastodon 4.1.x < 4.1.2 LDAP injection

According to its self-reported version number, the version of Mastodon running on the remote host is 2.5.0 prior to 3.5.8 or 4.0.x prior to 4.0.4 or 4.1.x prior to 4.1.2. Therefore, it may be affected by a blind LDAP injection in login that allows the attacker to leak arbitrary attributes from LDAP...

CVSS 7.7 | AI score 7.6 | EPSS 0.01279
Exploits: 1 | References: 2
Tenable Nessus
added 2024/11/05 12:0 a.m. | 5 views

Mastodon < 4.1.8 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 3.5.14 or 4.0.x prior to 4.0.10 or 4.1.x prior to 4.1.8. It is, therefore, affected by multiple vulnerabilities: - A Stored XSS through the translation feature - A Server-side request...

CVSS 7.5 | AI score 6.6 | EPSS 0.0057
Exploits: 0 | References: 6
Tenable Nessus
added 2024/11/05 12:0 a.m. | 4 views

Mastodon 4.0.x < 4.0.4 LDAP injection

According to its self-reported version number, the version of Mastodon running on the remote host is 2.5.0 prior to 3.5.8 or 4.0.x prior to 4.0.4 or 4.1.x prior to 4.1.2. Therefore, it may be affected by a blind LDAP injection in login that allows the attacker to leak arbitrary attributes from LDAP...

CVSS 7.7 | AI score 7.6 | EPSS 0.01279
Exploits: 1 | References: 2
Tenable Nessus
added 2024/11/05 12:0 a.m. | 10 views

Mastodon < 4.1.17 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 4.1.17 or 4.2.x prior to 4.2.9. It is, therefore, affected by multiple vulnerabilities: - Private mention filtering can be bypassed - Missing rate-limit to password change endpoint -...

CVSS 7.5 | AI score 7.7 | EPSS 0.00458
Exploits: 0 | References: 4
Tenable Nessus
added 2024/11/05 12:0 a.m. | 3 views

Mastodon 4.0.x < 4.0.14 Multiples Vulnerabilities

According to its self-reported version number, the Mastodon application running on the remote host is prior to 3.5.18 or 4.0.x prior to 4.0.14 or 4.1.x prior to 4.1.14 or 4.2.x prior to 4.2.6. It is, therefore, affected by multiple vulnerabilities: - Destroying OAuth Applications doesn't notify...

CVSS 7.4 | AI score 7.5 | EPSS 0.00477
Exploits: 1 | References: 4
Tenable Nessus
added 2024/11/04 12:0 a.m. | 14 views

AlmaLinux 9 : grafana (ALSA-2024:8678)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8678 advisory. golang-fips: Golang FIPS zeroed buffer CVE-2024-9355 dompurify: nesting-based mutation XSS vulnerability CVE-2024-47875 Tenable has extracted the precedin...

CVSS 10 | AI score 7.8 | EPSS 0.01093
Exploits: 2 | References: 4
Tenable Nessus
added 2024/10/30 12:0 a.m. | 7 views

Path Relative Stylesheet Import

A Path Relative Style Sheet Import occurs when the application imports a style sheet via a relative URL and uses user input in the file name. This vulnerability mainly affects older browsers such as Internet Explorer and allows an attacker to exploit the way the browser handles stylesheet imports...

AI score 7
Exploits: 0 | References: 1
Tenable Nessus
added 2024/10/29 12:0 a.m. | 5 views

SonarQube Public Projects Detected

A SonarQube Public Projects response has been detected on the target web application. Such responses may contain sensitive information which could assist an attacker in conducting further attacks. No source data...

AI score 7
Exploits: 0 | References: 1
Tenable Nessus
added 2024/10/29 12:0 a.m. | 4 views

SuiteCRM < 7.14.4 / 8.x < 8.6.1 SQL Injection

SuiteCRM versions prior to 7.14.4 and 8.x prior to 8.6.1 have an unauthenticated SQL Injection in the events response entry point, allowing an attacker to execute SQL queries via a specially forged request. No source data...

CVSS 10 | AI score 8.7 | EPSS 0.05692
Exploits: 1 | References: 3
Tenable Nessus
added 2024/10/29 12:0 a.m. | 5 views

Clockwork Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible Clockwork instance on the target application. No source data...

AI score 7.2
Exploits: 0 | References: 2
Tenable Nessus
added 2024/10/29 12:0 a.m. | 5 views

Clockwork Unrestricted Access

By default, Clockwork does not require authentication to access the dashboard. This allows an attacker to access sensitive data such as database queries and incoming requests. No source data...

AI score 7.3
Exploits: 0 | References: 3
Tenable Nessus
added 2024/10/29 12:0 a.m. | 6 views

SSH id_rsa File Detected

An SSH id_rsa file has been detected on the target web application. This key can be used to gain unauthorized access to the server. No source data...

AI score 7.6
Exploits: 0 | References: 1
Tenable Nessus
added 2024/10/28 12:0 a.m. | 6 views

Apple iOS < 18.1 Multiple Vulnerabilities (121563)

Binary data appleios181check.nbin...

CVSS 9.8 | AI score 7.3 | EPSS 0.01028
Exploits: 3 | References: 43