58847 matches found
AlmaLinux 8 : postgresql:12 (ALSA-2024:6000)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:6000 advisory. postgresql: PostgreSQL relation replacement during pg_dump executes arbitrary SQL (CVE-2024-7348). Tenable has extracted the preceding description block directly from...
ManageEngine Password Manager Pro < 12.4 Build 12431 SQLi
The remote host is running a version of ManageEngine Password Manager Pro prior to 12.4 Build 12431. It is, therefore, affected by a SQL injection vulnerability. An unauthenticated, remote attacker can exploit this to inject or manipulate SQL queries in the back-end database, resulting in the...
Google Chrome < 128.0.6613.114 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 128.0.6613.114. It is, therefore, affected by multiple vulnerabilities as referenced in the 202408stable-channel-update-for-desktop28 advisory. - Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a...
Magento XXE (CVE-2024-34102)
Binary data magentoXXECVE-2024-34102.nbin...
ThingWorx Kepware Server Installed (Windows)
Binary data thingworxkepwareserverwininstalled.nbin...
ManageEngine ADAudit Plus < Build 8121 Multiple Vulnerabilities
The version of ManageEngine ADAudit Plus installed on the remote host is prior to build 8121. It is, therefore, affected by multiple vulnerabilities. - Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option...
Juniper Junos OS DoS (JSA82988)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA82988 advisory. - A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated,...
Slackware Linux 15.0 kcron Vulnerability (SSA:2024-240-01)
The version of kcron installed on the remote host is prior to 21.12.3. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-240-01 advisory. New kcron packages are available for Slackware 15.0 to fix a security issue. Tenable has extracted the preceding description block...
SUSE SLES12 Security Update : kernel (Live Patch 48 for SLE 12 SP5) (SUSE-SU-2024:3021-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:3021-1 advisory. This update for the Linux Kernel 4.12.14-122176 fixes one issue. The following security issue was fixed: - CVE-2021-47378: Fixed use-after-free by...
SUSE SLES15: kernel-livepatch-5_3_18-150200_24_191-default / etc (SUSE-SU-2024:3039-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3039-1 advisory. This update for the Linux Kernel 5.3.18-15020024191 fixes several issues. The following security issues were fixed: - CVE-2021-47402: Fixed...
Google Chrome < 128.0.6613.113 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 128.0.6613.113. It is, therefore, affected by multiple vulnerabilities as referenced in the 202408stable-channel-update-for-desktop28 advisory. - Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allow...
Fedora 39 : dovecot (2024-ba5bb9f63a)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-ba5bb9f63a advisory. - CVE-2024-23184: A large number of address headers in email resulted in excessive CPU usage. - CVE-2024-23185: Abnormally large email headers are n...
Atlassian Jira Service Management Data Center and Server 5.4.x < 5.4.25 / 5.12.x < 5.12.12 / 5.15.x < 5.17.1 DoS (JSDSERVER-15504)
The version of Atlassian Jira Service Management Data Center and Server (Jira Service Desk) running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-15504 advisory. - Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apac...
Exploit for Code Injection in Geoserver
GeoExplorer GeoExplorer is a mass scanner project consisting...
Intel Trace Analyzer and Collector Installed (Windows)
Binary data inteltraceanalyzerandcollectorinstalled.nbin...
Intel oneAPI HPC Toolkit Installed (Windows)
Binary data intelhpctoolkitinstalled.nbin...
Forescout CounterACT Service Detection
Binary data forescoutcounteractservicedetect.nbin...
Fedora 40 : calibre (2024-a455bea9ca)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-a455bea9ca advisory. Fix fonts for f41 releases. ---- Upgrade to latest upstream release to fix 4 CVE's and enable new hardware Tenable has extracted the preceding...
Ubuntu 16.04 LTS : Drupal vulnerabilities (USN-6981-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6981-1 advisory. It was discovered that Drupal incorrectly sanitized uploaded filenames. A remote attacker could possibly use this issue to execute arbitrary code...
Fedora 40 : webkitgtk (2024-6b8845e3f0)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6b8845e3f0 advisory. Fix web process cache suspend/resume when sandbox is enabled. Fix accelerated images disappearing after scrolling. Fix video flickering with DMA-BUF...