KB5042881: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (September 2024)

The remote Windows host is missing security update 5042881 or hotpatch update 5042880. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Spoofing Vulnerability CVE-2024-43461 - Windows Remote Desktop Licensing Service Spoofing Vulnerability CVE-2024-43455 - Windows...

NewStart CGSL MAIN 6.02 : libsepol Multiple Vulnerabilities (NS-SA-2024-0054)

The remote NewStart CGSL host, running version MAIN 6.02, has libsepol packages installed that are affected by multiple vulnerabilities: - The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and cilpreverifyhelper. CVE-2021-36084 - The...

Adobe After Effects < 23.6.9 / 24.0 < 24.6 Multiple Vulnerabilities (APSB24-55)

The version of Adobe After Effects installed on the remote Windows host is prior to 23.6.9, 24.6. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB24-55 advisory. - After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds write vulnerability...

KB5043125: Windows Server 2012 Security Update (September 2024)

The remote Windows host is missing security update 5043125. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Spoofing Vulnerability CVE-2024-43461 - Windows Remote Desktop Licensing Service Spoofing Vulnerability CVE-2024-43455 - Windows Remote Desktop Licensing...

NewStart CGSL MAIN 6.02 : dnf Vulnerability (NS-SA-2024-0064)

The remote NewStart CGSL host, running version MAIN 6.02, has dnf packages installed that are affected by a vulnerability: - A flaw was found in libdnf's signature verification functionality. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM...

Oracle Linux 7 : java-11-openjdk (ELSA-2024-4564)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4564 advisory. - CVE-2024-21131 Improve-UTF8-String-supports - CVE-2024-21138 Better-symbol-storage - CVE-2024-21140 Improved-loop-handling - CVE-2024-21144...

KB5043064: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (September 2024)

The remote Windows host is missing security update 5043064. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Spoofing Vulnerability CVE-2024-43461 - Windows Remote Access Connection Manager Elevation of Privilege Vulnerability CVE-2024-38240 - Windows TCP/IP Remote...

Adobe Premiere Pro < 23.6.9 / 24.0 < 24.6 Multiple Vulnerabilities (APSB24-58) (macOS)

The version of Adobe Premiere Pro installed on the remote macOS host is prior to 23.6.9, 24.6. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB24-58 advisory. - Premiere Pro versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds write vulnerability that...

Adobe Photoshop 24.x < 24.7.5 / 25.x < 25.12 Multiple Vulnerabilities (APSB24-72)

The version of Adobe Photoshop installed on the remote Windows host is prior to 24.7.5/25.12. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb24-72 advisory. - Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability...

KB5043080: Windows 11 version 24H2 Security Update (September 2024)

The remote Windows host is missing security update 5043080. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Spoofing Vulnerability CVE-2024-43461 - Microsoft Management Console Remote Code Execution Vulnerability CVE-2024-38259 - Windows Remote Access Connection...

Adobe Audition < 23.6.9 / 24.0.0 < 24.6.0 Multiple Vulnerabilities (APSB24-54)

The version of Adobe Audition installed on the remote Windows host is prior to 23.6.9, 24.6.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB24-54 advisory. - Audition versions 24.4.1, 23.6.6 and earlier are affected by an out-of-bounds write vulnerability that...

NewStart CGSL MAIN 6.02 : dnf-plugins-core Vulnerability (NS-SA-2024-0064)

The remote NewStart CGSL host, running version MAIN 6.02, has dnf-plugins-core packages installed that are affected by a vulnerability: - A flaw was found in libdnf's signature verification functionality. This flaw allows an attacker to achieve code execution if they can alter the header...

NewStart CGSL MAIN 6.02 : brotli Vulnerability (NS-SA-2024-0059)

The remote NewStart CGSL host, running version MAIN 6.02, has brotli packages installed that are affected by a vulnerability: - A buffer overflow flaw was found in the Brotli library where an attacker could control the input length of a one-shot decompression request to a script that can trigger ...

Adobe Audition < 23.6.9 / 24.0.0 < 24.6.0 Multiple Vulnerabilities (APSB24-54) (macOS)

The version of Adobe Audition installed on the remote macOS host is prior to 23.6.9, 24.6.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB24-54 advisory. - Audition versions 24.4.1, 23.6.6 and earlier are affected by an out-of-bounds write vulnerability that cou...

KB5043055: Windows Server version 23H2 Security Update (September 2024)

The remote Windows host is missing security update 5043055. It is, therefore, affected by multiple vulnerabilities - Windows MSHTML Platform Spoofing Vulnerability CVE-2024-43461 - Windows Remote Desktop Licensing Service Spoofing Vulnerability CVE-2024-43455 - Windows Remote Desktop Licensing...

Security Updates for Microsoft Office Products (September 2024) (macOS)

The version of Microsoft Office for Mac installed on the remote host is affected by a vulnerability as referenced in the september-10-2024 advisory. - Microsoft Excel Elevation of Privilege Vulnerability CVE-2024-43465 Note that Nessus has not tested for this issue but has instead relied only on...

NewStart CGSL MAIN 6.02 : python3 Vulnerability (NS-SA-2024-0053)

The remote NewStart CGSL host, running version MAIN 6.02, has python3 packages installed that are affected by a vulnerability: - Python ssl.SSLSocket is vulnerable to a bypass of the TLS handshake in certain instances for HTTPS servers and other server-side protocols that use TLS client...

Fortinet FortiClient (All) - Lack of client-side certificate validation using SAML SSO (FG-IR-22-230) (macOS)

The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-230 advisory. - An improper certificate validation vulnerability CWE-295 in FortiClientWindows 6.4 all versions, 7.0.0 through 7.0.7,...

NewStart CGSL MAIN 6.02 : libksba Vulnerability (NS-SA-2024-0050)

The remote NewStart CGSL host, running version MAIN 6.02, has libksba packages installed that are affected by a vulnerability: - A vulnerability was found in the Libksba library, due to an integer overflow within the CRL's signature parser. This issue can be exploited remotely for code execution ...

NewStart CGSL MAIN 6.02 : curl Multiple Vulnerabilities (NS-SA-2024-0050)

The remote NewStart CGSL host, running version MAIN 6.02, has curl packages installed that are affected by multiple vulnerabilities: - The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPTFOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow...