FreeBSD : gitea -- token missing access control for packages (79b1f4ee-860a-11ef-b2dc-cbccbf25b7ea)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 79b1f4ee-860a-11ef-b2dc-cbccbf25b7ea advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's...

Fedora 40 : xen (2024-051cf1553e)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-051cf1553e advisory. x86: Deadlock in vlapicerror XSA-462, CVE-2024-45817 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Juniper Junos OS Vulnerability (JSA88115)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA88115 advisory. - An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS Evolved on ACX 7000...

Fedora 40 : firefox (2024-db72f480e8)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-db72f480e8 advisory. - New upstream version 131.0.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

HP LaserJet Printers DoS (HPSBPI03976)

Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer. The printer displays a “JPEG Unsupported” message which may not clear, potentially blocking queued print jobs. Note that Nessus has not tested for this issue but has...

Juniper Junos OS Vulnerability (JSA88128)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA88128 advisory. - An Unimplemented or Unsupported Feature in UI vulnerability in the CLI of Juniper Networks Junos OS Evolved on QFX5000 Series allows an unauthenticated, adjacent attacker ...

FreeBSD : powerdns-recursor -- denial of service (8727b513-855b-11ef-9e50-6805ca2fa271)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8727b513-855b-11ef-9e50-6805ca2fa271 advisory. PowerDNS Team reports: PowerDNS Security Advisory 2024-04: Crafted responses can lead to a denial of...

AlmaLinux 8 : openssl (ALSA-2024:7848)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:7848 advisory. openssl: SSLselectnextproto buffer overread CVE-2024-5535 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...

Oracle Linux 8 : openssl (ELSA-2024-7848)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-7848 advisory. 1:1.1.1k-14 - Backport fix SSLselectnext proto from OpenSSL 3.2 Fix CVE-2024-5535 Resolves: RHEL-45654 Tenable has extracted the preceding description block...

Microsoft Edge (Chromium) < 129.0.2792.89 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 129.0.2792.89. It is, therefore, affected by multiple vulnerabilities as referenced in the October 10, 2024 advisory. - Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to perform...

Fedora 39 : xen (2024-020dbf247c)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-020dbf247c advisory. x86: Deadlock in vlapicerror XSA-462, CVE-2024-45817 ---- update to xen-4.17.5 Tenable has extracted the preceding description block directly from the Fedora...

SUSE SLES15 / openSUSE 15 Security Update : redis (SUSE-SU-2024:3575-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3575-1 advisory. - CVE-2024-31228: Fixed unbounded recursive pattern matching bsc1231265 - CVE-2024-31449: Fixed integer overflow bug ...

Autodesk Navisworks Manage Installed (Windows)

Binary data autodesknavisworksmanagewininstalled.nbin...

CentOS 7 : targetcli (RHSA-2020:5434)

The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:5434 advisory. - Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for /etc/target and for the backup directory and backup files. CVE-2020-13867 Note that Nessus has...

Esri Portal for ArcGIS < Security 2024 Update 2 Multiple Vulnerabilities (10.8.1)

The version of Esri Portal for ArcGIS installed is missing Security 2024 Update 2. It is, therefore, affected by multiple vulnerabilities including: - There is a local file inclusion vulnerability in Esri Portal for ArcGIS 11.2. 11.1, 11.0 and 10.9.1 that may allow a remote, unauthenticated...

CentOS 7 : qemu-kvm-ma (RHSA-2020:1209)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1209 advisory. - In libslirp 4.1.0, as used in QEMU 4.2.0, tcpsubr.c misuses snprintf return values, leading to a buffer overflow in later code. CVE-2020-8608 Note that Nessus...

CentOS 7 : buildah (RHSA-2020:2116)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2116 advisory. - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious containe...

Autodesk Navisworks Simulate Installed (Windows)

Binary data autodesknavisworkssimulatewininstalled.nbin...

Autodesk Navisworks Freedom Installed (Windows)

Binary data autodesknavisworksfreedomwininstalled.nbin...

CentOS 7 : kpatch-patch (RHSA-2020:0028)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0028 advisory. - Improper invalidation for page table updates by a virtual guest operating system for multiple IntelR Processors may allow an authenticated user to...