CVE-2024-49220 WordPress Cookie Scanner plugin <= 1.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Nikel Cookie Scanner (cookie-scanner) allows Cross Site Request Forgery. This issue affects Cookie Scanner: from n/a through <= 1.1...
Exploit for Unquoted Search Path or Element in Openbsd Openssh
cve202338408scanner Vulner...
Microsoft Configuration Manager Installed (Windows)
Binary data microsoftconfigurationmanagerwininstalled.nbin...
HCL BigFix Server 9.5.x < 9.5.25 / 10.0.x < 10.0.12 / 11.0.x < 11.0.3 DLL Hijacking (KB0116659)
The version of HCL BigFix Server installed on the remote host is 9.5.x prior to 9.5.25, 10.0.x prior to 10.0.12 or 11.x prior to 11.0.3. It is, therefore, affected by a DLL hijacking vulnerability as referenced in the KB0116659 advisory, where a dynamic search for a prerequisite library could all...
Apache HugeGraph Detection
Binary data apachehugegraphdetect.nbin...
WordPress plugin Cookie Scanner Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...
PT-2024-33357 · Unknown · Cookie Scanner
Name of the Vulnerable Software and Affected Versions: Cookie Scanner versions 1.1 and earlier. Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability that also allows Stored XSS in Cookie Scanner. This means an attacker can perform unintended actions on a user's account without...
Fedora 39 : python-virtualenv (2024-f7d6b76677)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-f7d6b76677 advisory. - Prevent command injection by quoting template strings in activation scripts Tenable has extracted the preceding description block directly from the Fedora...
CBL Mariner 2.0 Security Update: reaper (CVE-2024-43799)
The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43799 advisory. - Send is a library for streaming files from the file system as a http response. Send passes untrusted user...
Oracle Linux 7 : httpd (ELSA-2024-7101)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-7101 advisory. 2.4.6-99.0.5.1 - Differentiate trusted sources Orabug: 37100272 CVE-2024-38476 Tenable has extracted the preceding description block directly from the Oracle Lin...
Fedora 40 : python-virtualenv (2024-112e897674)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-112e897674 advisory. - Prevent command injection by quoting template strings in activation scripts Tenable has extracted the preceding description block directly from the Fedora...
Teltonika Remote Management System and RUT Model Routers External Control of System or Configuration Setting (CVE-2023-32349)
Version 00.07.03.4 and prior of Teltonika's RUT router firmware contain a packet dump utility that contains proper validation for filter parameters. However, variables for validation checks are stored in an external configuration file. An authenticated attacker could use an exposed UCI...
CBL Mariner 2.0 Security Update: giflib (CVE-2022-28506)
The version of giflib installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-28506 advisory. - There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB in gif2rgb.c:298:45. CVE-2022-28506...
Fedora 40 : dnsdist (2024-4ffc26d8cb)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-4ffc26d8cb advisory. Update to latest upstream Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...
CBL Mariner 2.0 Security Update: reaper (CVE-2024-47764)
The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47764 advisory. - cookie is a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set...
CBL Mariner 2.0 Security Update: python-tensorboard / reaper (CVE-2024-45590)
The version of python-tensorboard / reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45590 advisory. - body-parser is Node.js body parsing middleware. body-parser 1.20.3 is vulnerable to...
Oracle Linux 8 / 9 : java-21-openjdk (ELSA-2024-8127)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8127 advisory. 1:21.0.5.0.10-3.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.5.0.10-3 - Sync the copy of the portable specfile with the latest update -...
Atlassian Confluence 6.0 < 7.19.23 / 7.20.x < 8.5.9 / 8.6.x < 8.9.1 (CONFSERVER-97794)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-97794 advisory. - Out-of-bounds Write vulnerability in Apache Commons Configuration. This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users a...
Slackware Linux 15.0 / current libssh2 Vulnerability (SSA:2024-290-01)
The version of libssh2 installed on the remote host is prior to 1.11.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-290-01 advisory. New libssh2 packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...
Oracle Linux 8 / 9 : java-11-openjdk (ELSA-2024-8121)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8121 advisory. 1:11.0.25.0.9-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:11.0.25.0.9-2 - Update to jdk-11.0.25+9 GA - Update release notes to 11.0.25+9 -...