Apple iOS < 17.7.1 Multiple Vulnerabilities (121567)

Binary data appleios1771check.nbin...

Fedora 40 : dotnet8.0 (2024-204d982a2e)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-204d982a2e advisory. This is the October 2024 security release of .NET 8. The SDK version is 8.0.110 and the Runtime version is 8.0.10. Release Notes: - SDK:...

FreeBSD : chromium -- multiple security fixes (fafaef4d-f364-4a07-bbdd-bf53448c593c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the fafaef4d-f364-4a07-bbdd-bf53448c593c advisory. Chrome Releases reports: This update includes 3 security fixes: Tenable has extracted the...

Fortinet FortiWeb - Path traversal in API controller (FG-IR-21-156)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-156 advisory. - A relative path traversal in FortiWeb versions 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow an authenticated attacker to...

Solarwinds CatTools Installed (Windows)

Binary data solarwindscattoolswininstalled.nbin...

SonicWall SMA1000 Connect Tunnel (Windows)

Binary data sonicwallconnecttunnelinstalled.nbin...

Photon OS 5.0: Linux PHSA-2023-5.0-0032

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0032. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Oracle Linux 7 : firefox (ELSA-2024-6838)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-6838 advisory. 128.2.0-1.0.1 - Remove nomerge annotation from abort calls Orabug: 37079143 - Update to 128.2.0 Orabug: 37079143 Tenable has extracted the preceding...

mySCADA myPro Hard-coded Telnet Password (CVE-2024-4708

Binary data myscadamyprocve-2024-4708.nbin...

NuGet Package 'Forge.OpenAI' Detection

The remote host has a 'Forge.OpenAI' with a Verified NuGet package status and is installed on the remote host. Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if descriptio...

NuGet Package 'Azure.AI.OpenAI' Detection

The remote host has a 'Azure.AI.OpenAI' with a Verified NuGet package status and is installed on the remote host. Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Apache HugeGraph Server 1.0.x < 1.3.0 (CVE-2024-27348)

The version of Apache HugeGraph Server installed on the remote host is prior to 1.3.0. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27348 advisory. - RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server:...

Solarwinds CatTools Information Disclosure (CVE-2024-45713)

SolarWinds Kiwi CatTools is susceptible to a sensitive data disclosure vulnerability when a non-default setting has been enabled for troubleshooting purposes. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVE...

Oracle Linux 7 : firefox (ELSA-2024-8034)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-8034 advisory. 128.3.1-2.0.1 - Update to 128.3.1 Orabug: 37168934 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

NuGet Package 'BotSharp.Core' Detection

The remote host has a 'BotSharp.Core' with a Verified NuGet package status and is installed on the remote host. Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if descripti...

Photon OS 4.0: Linux PHSA-2024-4.0-0706

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0706. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Spring Framework < 5.3.41 / 6.0.x < 6.0.25 / 6.1.x < 6.1.14 Multiple Vulnerabilities

The remote host contains a Spring Framework version is affected by a path traversal vulnerability. - Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obta...

NuGet Paemgu'emgu.cv' Detection

The remote host has an artificial intelligence NuGet package 'emgu.cv' is installed on the remote host. Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

Fortinet FortiWeb OpenSSH regreSSHion Attack (CVE-2024-6387) (FG-IR-24-258)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-258 advisory. - A race condition in sshd affecting versions between 8.5p1 and 9.7p1 inclusive may allow arbitrary code execution with root...

Oracle Linux 9 : python3.12 (ELSA-2024-8447)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-8447 advisory. 3.12.1-4.4 - Security fix for CVE-2024-6232 Resolves: RHEL-57416 Tenable has extracted the preceding description block directly from the Oracle Linux security...