SUSE SLES12 Security Update : curl (SUSE-SU-2024:3203-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3203-1 advisory. - CVE-2024-8096: OCSP stapling bypass with GnuTLS. bsc1230093 Tenable has extracted the preceding description block directly from the SUSE...

Photon OS 5.0: Linux PHSA-2024-5.0-0373

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0373. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

EulerOS 2.0 SP9 : libldb (EulerOS-SA-2024-2371)

According to the versions of the libldb package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : MaxQueryDuration not honoured in Samba AD DC LDAPCVE-2021-3670 Tenable has extracted the preceding description block directly from the EulerOS libl...

EulerOS 2.0 SP10 : libarchive (EulerOS-SA-2024-2420)

According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Windows Libarchive Remote Code Execution VulnerabilityCVE-2024-20696 Tenable has extracted the preceding description block directly from the...

GitLab 15.10 < 17.1.7 / 17.2 < 17.2.5 / 17.3 < 17.3.2 (CVE-2024-5435)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered discovered in GitLab EE/CE affecting all versions starting from 15.10 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before...

Adobe Acrobat < 20.005.30680 / 24.001.30187 / 24.003.20112 Multiple Vulnerabilities (APSB24-70) (macOS)

The version of Adobe Acrobat installed on the remote macOS host is a version prior to 20.005.30680, 24.001.30187, or 24.003.20112. It is, therefore, affected by multiple vulnerabilities. - Access of Resource Using Incompatible Type 'Type Confusion' potentially leading to Arbitrary code execution...

GitLab 13.7 < 17.1.7 / 17.2 < 17.2.5 / 17.3 < 17.3.2 (CVE-2024-8641)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

CBL Mariner 2.0 Security Update: shim / shim-unsigned-aarch64 / shim-unsigned-x64 (CVE-2023-40548)

The version of shim / shim-unsigned-aarch64 / shim-unsigned-x64 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-40548 advisory. - A buffer overflow was found in Shim in the 32-bit system. The...

Fedora 40 : python3.6 (2024-02027448d8)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-02027448d8 advisory. Security fix for CVE-2024-6232 rhbz2310092 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

CBL Mariner 2.0 Security Update: frr (CVE-2024-31951)

The version of frr installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-31951 advisory. - In the Opaque LSA Extended Link parser in FRRouting FRR through 9.1, there can be a buffer overflow and daemon...

EulerOS 2.0 SP10 : dnsmasq (EulerOS-SA-2024-2433)

According to the versions of the dnsmasq package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : dnsmasq 2.9 is vulnerable to Integer Overflow via forwardquery.CVE-2023-49441 Tenable has extracted the preceding description block directly from...

EulerOS 2.0 SP10 : libldb (EulerOS-SA-2024-2421)

According to the versions of the libldb package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : MaxQueryDuration not honoured in Samba AD DC LDAPCVE-2021-3670 Tenable has extracted the preceding description block directly from the EulerOS libl...

EulerOS 2.0 SP9 : gtk2 (EulerOS-SA-2024-2392)

According to the versions of the gtk2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Setuptools vulnerability (USN-7002-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7002-1 advisory. It was discovered that setuptools was vulnerable to remote code execution. An attacker could possibly...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-41070)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41070 advisory. - In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Prevent UAF in...

EulerOS 2.0 SP9 : libldb (EulerOS-SA-2024-2396)

According to the versions of the libldb package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : MaxQueryDuration not honoured in Samba AD DC LDAPCVE-2021-3670 Tenable has extracted the preceding description block directly from the EulerOS libl...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-41073)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41073 advisory. - In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload ...

EulerOS 2.0 SP10 : cups (EulerOS-SA-2024-2432)

According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.8 and earlier, when starting the...

CBL Mariner 2.0 Security Update: libsndfile (CVE-2022-33065)

The version of libsndfile installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-33065 advisory. - Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and...

CBL Mariner 2.0 Security Update: python3 / tensorflow (CVE-2024-7592)

The version of python3 / tensorflow installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-7592 advisory. - There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standa...