CBL Mariner 2.0 Security Update: mysql (CVE-2024-21218)

The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21218 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are...

Photon OS 5.0: Python3 PHSA-2024-5.0-0386

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0386. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

SUSE SLED15 / SLES15 Security Update : protobuf (SUSE-SU-2024:3746-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3746-1 advisory. - CVE-2024-7254: Fixed stack overflow vulnerability in Protocol Buffer bsc1230778 Tenable has extracted the preceding...

Fedora 40 : wireshark (2024-1949806a59)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-1949806a59 advisory. New version 4.2.8 Fix for CVE-2024-9781 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...

CBL Mariner 2.0 Security Update: mysql (CVE-2024-21142)

The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21142 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported...

Photon OS 4.0: Go PHSA-2024-4.0-0704

An update of the go package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0704. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid209541...

CBL Mariner 2.0 Security Update: mysql (CVE-2024-21219)

The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21219 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are...

Fedora 40 : suricata (2024-8b08786765)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-8b08786765 advisory. Various security, performance, accuracy, and stability issues have been fixed. Tenable has extracted the preceding description block directly from the Fedora...

CBL Mariner 2.0 Security Update: mysql (CVE-2024-21247)

The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21247 advisory. - Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions th...

Oracle Linux 8 : openssl (ELSA-2024-12786)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12786 advisory. 1:1.1.1k-14 - Backport fix SSLselectnext proto from OpenSSL 3.2 Fix CVE-2024-5535 Resolves: RHEL-45654 Tenable has extracted the preceding description block...

Siemens SIMATIC S7-1500 and S7-1200 CPUs URL Redirection to Untrusted Site (CVE-2024-46886)

The web server of affected devices does not properly validate input that is used for a user redirection. This could allow an attacker to make the server redirect the legitimate user to an attacker-chosen URL. For a successful exploit, the legitimate user must actively click on an attacker-crafted...

Google Chrome < 130.0.6723.70 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 130.0.6723.70. It is, therefore, affected by multiple vulnerabilities as referenced in the 202410stable-channel-update-for-desktop22 advisory. - Inappropriate implementation in Extensions. CVE-2024-10229 - Type Confusio...

RHEL 6 : odh-operator-container (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - http-proxy-middleware: Denial of Service CVE-2024-21536 Note that Nessus has not tested for this issue but has...

October 22, 2024—KB5045594 (OS Build 19045.5073) Preview

October 22, 2024—KB5045594 OS Build 19045.5073 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 22H2, see its update history page. Note Follow...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : apache2 (SUSE-SU-2024:3742-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3742-1 advisory. - CVE-2024-40725: Fixed source code disclosure of local content bsc1228097 Tenable has extracted the...

Siemens SIMATIC S7-1500 CPUs Authentication Bypass Using an Alternate Path or Channel (CVE-2024-46887)

The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum...

Photon OS 4.0: Linux PHSA-2024-4.0-0703

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0703. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Dolibarr 16.x < 16.0.5 Database Download

Dolibarr versions 16.x 16.0.5 suffer from an improper access control vulnerability, allowing a remote and unauthenticated attacker to access the target instance contact database, including public and private notes. No source data...

Adobe Connect <= 11.9.975.228 Vulnerability (APSB16-17)

The version of Adobe Connect installed on the remote host is prior to 11.9.976.291. It is, therefore, affected by a vulnerability as referenced in the apsb16-17 advisory. - Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local use...

Adobe Digital Editions < 4.5.1 (APSB16-06) (macOS)

The version of Adobe Digital Editions installed on the remote macOS host is prior to 4.5.1. It is, therefore, affected by a vulnerability as referenced in the APSB16-06 advisory. - Adobe Digital Editions before 4.5.1 allows attackers to execute arbitrary code or cause a denial of service memory...