Oracle Linux 8 : go-toolset:ol8 (ELSA-2024-6908)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6908 advisory. - Update to Go1.21.13 to fix CVE-2024-24791 - Fix CVE-2024-24791 Tenable has extracted the preceding description block directly from the Oracle Linux...

GLSA-202409-06 : file: Stack Buffer Overread

The remote host is affected by the vulnerability described in GLSA-202409-06 file: Stack Buffer Overread Multiple vulnerabilities have been discovered in file. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from the...

GLSA-202409-08 : OpenVPN: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202409-08 OpenVPN: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in OpenVPN. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly...

Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks

A hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber attacks against Russian targets. "Rather than demand a ransom for decrypting data, Twelve prefers to encrypt victims' data and then destroy their infrastructure with a...

CBL Mariner 2.0 Security Update: xorg-x11-server (CVE-2024-0409)

The version of xorg-x11-server installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0409 advisory. - A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong typ...

Fedora 39 : python3-docs / python3.12 (2024-e453a209e9)

The remote Fedora 39 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-e453a209e9 advisory. This is the sixth maintenance release of Python 3.12 ==================================================== Python 3.12 is the newest major release of...

Fedora 39 : frr (2024-2fff2b9a18)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-2fff2b9a18 advisory. Fix for CVE-2024-44070 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

PDF-XChange Editor Installed (Windows)

Binary data pdfxchangeeditorinstalled.nbin...

Rockwell FactoryTalk Batch View Installed (Windows)

Binary data rockwellfactorytalkbatchviewinstalled.nbin...

PDF-XChange Editor < 10.4.0.388 Multiple Vulnerabilities

The version of PDF-XChange Editor installed on the remote Windows host is prior to 10.4.0.388. It is, therefore, affected by multiple vulnerabilities: - A specific flaw exists within the handling of Doc objects. The issue results from the lack of proper validation of user-supplied data, which can...

ClamAV < 0.103.12, 1.0.0 < 1.0.7, 1.1.0 < 1.3.2, 1.4.0 < 1.4.1 DoS

The ClamAV reported version is 103.12, 1.0.x 1.0.7, 1.1.0 x 1.3.2, or 1.4.0 1.4.1 It is, therefore, affected by a Denial of Service vulnerability in the PDF parsing module, where an attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected...

ClamAV < 0.103.12, 1.0.0 < 1.0.7, 1.1.0 < 1.3.2, 1.4.0 < 1.4.1 System File Corruption

The ClamAV reported version is 103.12, 1.0.x 1.0.7, 1.1.0 x 1.3.2, or 1.4.0 1.4.1 It is, therefore, affected by a vulnerability in the ClamD service module, where an attacker could to corrupt a critical system file by appending ClamD log messages after restart. Note that Nessus has not tested for...

AlmaLinux 9 : expat (ALSA-2024:6754)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6754 advisory. libexpat: Negative Length Parsing Vulnerability in libexpat CVE-2024-45490 libexpat: Integer Overflow or Wraparound CVE-2024-45491 libexpat: integer...

Oracle Linux 9 : openssl (ELSA-2024-12675)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12675 advisory. 3.0.7-28.0.1fips - Replace upstream references in fips man pages Orabug: 35824276 - Add FIPS package change: add fips suffix to Release and set Epoch to 10...

PDF-XChange Editor < 10.4.0.387 Multiple Vulnerabilities

The version of PDF-XChange Editor installed on the remote Windows host is prior to 10.4.0.387. It is, therefore, affected by multiple vulnerabilities: - A specific flaw exists within the parsing of XPS files. The issue results from the lack of proper validation of user-supplied data, which can...

Microsoft Edge (Chromium) < 129.0.2792.52 (CVE-2025-29806)

The version of Microsoft Edge installed on the remote Windows host is prior to 129.0.2792.52. It is, therefore, affected by a vulnerability as referenced in the March 21, 2025 advisory. - No cwe for this issue in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3337-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3337-1 advisory. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. Tenable has extracted the preceding descripti...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3338-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3338-1 advisory. The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. Tenable has extracted the preceding descripti...

Rockwell FactoryTalk Batch View < 3.00 Authentication Bypass

The version of Rockwell FactoryTalk Batch View installed on the remote Windows host is prior to 3.00. It is, therefore, affected by a vulnerability. - An authentication bypass vulnerability exists in the affected product. The vulnerability exists due to shared secrets across accounts and could...

Fedora 39 : ruby (2024-2fb325d068)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2fb325d068 advisory. Upgrade to Ruby 3.2.5. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...