Malicious code in website-scanner (PyPI)
Source: kam193 bab4a414e51f614858ff935138ccb2632b0ba1801566c398a699e692715ccaae The obfuscated code in setup.py, on installation, collects all possible information about the system (hardware, available resources, IP, names, etc.) and sen...
MAL-2024-9067 Malicious code in website-scanner (PyPI)
Source: kam193 bab4a414e51f614858ff935138ccb2632b0ba1801566c398a699e692715ccaae The obfuscated code in setup.py, on installation, collects all possible information about the system (hardware, available resources, IP, names, etc.) and sen...
JetBrains YouTrack Installed (Linux / Unix)
Binary data jetbrainsyoutracknixinstalled.nbin...
F5 Networks BIG-IP : Perl vulnerability (K000141301)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000141301 advisory. Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute...
Mozilla Firefox ESR < 115.16
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.16. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-48 advisory. - An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Python vulnerability (USN-7015-3)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7015-3 advisory. USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding updates for CVE-2023-27043 for...
Synology DSM HTTP/2 Implementations Window Size and Stream Prioritization Manipulation (CVE-2019-9511)
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority ...
Google Chrome < 129.0.6668.89 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 129.0.6668.89. It is, therefore, affected by multiple vulnerabilities as referenced in the 202410stable-channel-update-for-desktop advisory. - This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests...
Ubuntu 18.04 LTS : cups-filters vulnerability (USN-7043-2)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7043-2 advisory. USN-7043-1 fixed a vulnerability in cups-filters. This update provides the corresponding update for Ubuntu 18.04 LTS. Tenable has extracted the preceding...
FreeBSD : chromium -- multiple security fixes (2f82696c-adad-447b-9938-c99441805fa3)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 2f82696c-adad-447b-9938-c99441805fa3 advisory. Chrome Releases reports: This update includes 5 security fixes: Tenable has extracted the...
Ubuntu 18.04 LTS : CUPS vulnerability (USN-7041-2)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7041-2 advisory. USN-7041-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 18.04 LTS. Tenable has extracted the preceding description bloc...
AlmaLinux 8 : grafana (ALSA-2024:7349)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:7349 advisory. net/http: Denial of service due to improper 100-continue handling in net/http CVE-2024-24791 Tenable has extracted the preceding description block directly from th...
Synology DiskStation Manager Out-of-bounds Write (CVE-2021-31439)
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results fr...
Oracle Linux 7 : krb5 (ELSA-2024-5076)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5076 advisory. - Fix integer overflows in PAC parsing CVE-2022-42898 - Fix KDC null deref on TGS inner body null server CVE-2021-37750 - Fix flaws in LDAP DN checkin...
Mozilla Firefox ESR < 115.16
The version of Firefox ESR installed on the remote Windows host is prior to 115.16. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-48 advisory. - An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the...
Adobe Commerce / Magento Installed (Linux)
Binary data adobecommercenixinstalled.nbin...
iTerm2 Installed (macOS)
Binary data iterm2macosinstalled.nbin...
Oracle Linux 7 : kernel (ELSA-2024-6994)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-6994 advisory. 3.10.0-1160.119.1.0.5.el7.OL7 - wifi: mac80211: Avoid address calculations via out of bounds array indexing Kees Cook Orabug: 37092983 Tenable has extracted the...
Rocky Linux 9 : openssl (RLSA-2024:6783)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:6783 advisory. openssl: Possible denial of service in X.509 name checks CVE-2024-6119 Tenable has extracted the preceding description block directly from the Rocky Linux securi...
Rocky Linux 8 : gtk3 (RLSA-2024:6963)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:6963 advisory. gtk3: gtk2: Library injection from CWD CVE-2024-6655 Tenable has extracted the preceding description block directly from the Rocky Linux security advisory. Note...