Infoblox Device Detection

Binary data infobloxdevicedetect.nbin...

Suse Linux Enterprise For SAP SEoL (15.1.x)

According to its version, Suse Linux Enterprise For SAP is 15.1.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...

Couchbase Server Installed (Linux / Unix)

Binary data couchbaseservernixinstalled.nbin...

Apple iOS < 18.0.1 Multiple Vulnerabilities (121373)

Binary data appleios1801check.nbin...

Suse Linux Enterprise For SAP SEoL (15.4.x)

According to its version, Suse Linux Enterprise For SAP is 15.4.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...

NVIDIA Container Toolkit Installed (Linux)

Binary data nvidiacontainertoolkitnixinstalled.nbin...

Infoblox NIOS Web Interface Detection

Binary data infobloxnioswebinterfacedetect.nbin...

Amazon Linux 2 : python-setuptools (ALAS-2024-2641)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2641 advisory. A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from...

Amazon Linux 2023 : redis6, redis6-devel (ALAS2023-2024-717)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-717 advisory. Denial-of-service due to unbounded pattern matching CVE-2024-31228 Lua library commands may be exploited by an authenticated user to achieve remote-code-execution CVE-2024-31449 Tenable has...

Jenkins plugins Multiple Vulnerabilities (2024-10-02)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Credentials Plugin 1380.va435002fa924 and earlier, except 1371.1373.v4ebfab7161e9, does not redact encrypted values of credentials...

Amazon Linux 2 : python-pillow (ALAS-2024-2648)

The version of python-pillow installed on the remote host is prior to 2.0.0-23.gitd1c6db8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2648 advisory. Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c. CVE-2020-10177 Tenable has...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7021-4)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7021-4 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

Oracle Linux 9 : thunderbird (ELSA-2024-7552)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-7552 advisory. 128.3.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 128.3.0 - Add OpenELA debranding 128.3.0-1 - Update to 127.3.0 Tenable has...

Amazon Linux 2 : amazon-ssm-agent (ALAS-2024-2645)

The version of amazon-ssm-agent installed on the remote host is prior to 3.3.859.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2645 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive...

Amazon Linux 2 : c-ares (ALAS-2024-2646)

The version of c-ares installed on the remote host is prior to 1.19.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2646 advisory. Insufficient randomness in generation of DNS query IDs When /dev/urandom or RtlGenRandom are unavailable, c-ares uses rand to...

Extreme Networks Fabric Engine OS Detect

Binary data extremenetworksfabricengine.nbin...

Extreme Networks Fabric Engine OS Web Detection

Binary data extremenetworksfabricenginewebdetect.nbin...

Oracle Linux 9 : firefox (ELSA-2024-7505)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-7505 advisory. 128.3.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red...

Zimbra Collaboration Server 8.0.0 < 8.8.15 Patch 46, 9.0.0 < 9.0.0 Patch 41, 10.0 < 10.0.9, 10.1.0 < 10.1.1 Multiple Vulnerabilities

According to its self-reported version number, Zimbra Collaboration Server is affected by multiple vulnerabilities including: - Fixed a security vulnerability in the postjournal service which may allow unauthenticated users to execute commands. CVE-2024-45519 - A Server-Side Request Forgery SSRF...

Fake Disney+ activation page redirects to pornographic scam

A common way to activate digital subscriptions such as Netflix, Prime or Disney+ on a new TV is to visit a website and enter the code seen on your screen. It's much easier than having to authenticate using a remote and typing a username and password. Scammers are creating fake activation pages th...