Oracle Linux 9 : python3.12 (ELSA-2024-8447)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-8447 advisory. 3.12.1-4.4 - Security fix for CVE-2024-6232 Resolves: RHEL-57416 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Fedora 40 : libtiff (2024-9c84a7c963)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-9c84a7c963 advisory. - fix CVE-2024-7006 rhbz2302997 - fix CVE-2023-52356 rhbz2260112 - fix CVE-2023-6228 rhbz2251863 Tenable has extracted the preceding description blo...
RockyLinux 8 / 9 : java-11-openjdk (RLSA-2024:8121)
The remote RockyLinux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:8121 advisory. giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function CVE-2023-48161 JDK: Array indexing integer overflow 8328544 CVE-2024-2121...
Photon OS 4.0: Linux PHSA-2024-4.0-0706
An update of the linux package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0706. The text itself is copyright (C) VMware, Inc.
NuGet Package 'BotSharp.Core' Detection
A 'BotSharp.Core' NuGet package with a Verified package status is installed on the remote host. Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Fedora 40 : yarnpkg (2024-66b0bdad35)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-66b0bdad35 advisory. Update bundled ws CVE-2024-37890 ---- Update bundled elliptic to fix CVE-2024-48949. Tenable has extracted the preceding description block directly...
RHEL 9 : python3.9 (RHSA-2024:8446)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8446 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...
Fedora 39 : yarnpkg (2024-d79685d847)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-d79685d847 advisory. Update bundled ws CVE-2024-37890 ---- Update bundled dependencies to fix CVE-2024-48949. Tenable has extracted the preceding description block...
FreeBSD : electron32 -- multiple vulnerabilities (cc068959-ce2b-42eb-81ed-055551fe0e51)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the cc068959-ce2b-42eb-81ed-055551fe0e51 advisory. Electron developers report: This update fixes the following vulnerabilities: Tenable has...
Oracle Linux 9 : python3.9 (ELSA-2024-8446)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-8446 advisory. - Fix: CVE-2024-6232 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...
Fedora 39 : koji (2024-ef4911442d)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-ef4911442d advisory. Update to 1.35.1. Includes fix for CVE-2024-9427 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
Oracle Linux 8 : grafana (ELSA-2024-8327)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8327 advisory. - Resolves RHEL-62307: CVE-2024-47875 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
CBL Mariner 2.0 Security Update: mysql (CVE-2024-21157)
The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21157 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are...
Rockwell Automation Logix Controllers Uncontrolled Resource Consumption (CVE-2024-8626)
Due to a memory leak, a denial-of-service vulnerability exists in the affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain webpages of the product causing the affected products to become fully unavailable and require a power cycle to...
Photon OS 5.0: Go PHSA-2024-5.0-0386
An update of the go package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0386. The text itself is copyright (C) VMware, Inc.
CBL Mariner 2.0 Security Update: mysql (CVE-2024-21165)
The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21165 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Pluggable Auth. Supported versio...
AIX (IJ4442)
The version of AIX installed on the remote host is prior to APAR IJ4442. It is, therefore, affected by a vulnerability as referenced in the IJ4442 advisory. - The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth ...
CBL Mariner 2.0 Security Update: cmake / curl / mysql (CVE-2024-8096)
The version of cmake / curl / mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8096 advisory. - When curl is told to use the Certificate Status Request TLS extension, often referred to as OCS...
Fortinet FortiManager Missing Authentication (FG-IR-24-423)
The remote host is running a version of FortiManager that is prior to either 6.2.13, 6.4.15, 7.0.13, 7.2.8, 7.4.5 or 7.6.1. It is, therefore, affected by a missing authentication vulnerability in the FortiManager fgfmd daemon that may allow a remote unauthenticated attacker to execute arbitrary code or...
CBL Mariner 2.0 Security Update: mysql (CVE-2024-21236)
The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21236 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are...