Progress WhatsUp Gold < 24.0.0 Multiple Vulnerabilities (000263015)
The version of Progress WhatsUp Gold installed on the remote host is prior to 24.0.0. It is, therefore, affected by multiple vulnerabilities as referenced in the 000263015 advisory: - In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQ...
Ubuntu 16.04 LTS : Drupal vulnerabilities (USN-6981-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6981-1 advisory. It was discovered that Drupal incorrectly sanitized uploaded filenames. A remote attacker could possibly use this issue to execute arbitrary code...
Johnson Controls exacqVision Client Installed (Windows)
Binary data johnsoncontrolsexacqvisionclientwininstalled.nbin...
Johnson Controls exacqVision Client Installed (macOS)
Binary data johnsoncontrolsexacqvisionclientmacinstalled.nbin...
Johnson Controls exacqVision Client Installed (Linux)
Binary data johnsoncontrolsexacqvisionclientnixinstalled.nbin...
CBL Mariner 2.0 Security Update: ruby (CVE-2024-27282)
The version of ruby installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27282 advisory. - An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex...
RHEL 9 : httpd (RHSA-2024:5812)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5812 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Security issues via backe...
CBL Mariner 2.0 Security Update: python-urllib3 / python3 (CVE-2023-43804)
The version of python-urllib3 / python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-43804 advisory. - urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cooki...
SUSE SLES15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2024:3001-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3001-1 advisory. - CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping XSA-460, bsc1228574 - CVE-2024-31146: Fixed PCI device...
FreeBSD : md4c -- DoS attack (f2b1da2e-6178-11ef-8a7d-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f2b1da2e-6178-11ef-8a7d-b42e991fc52e advisory. [email protected] reports: md_analyze_line in md4c.c in md4c 0.4.7 allows attackers to trigger use of...
Ivanti Avalanche < 6.4.4 Multiple Vulnerabilities
The version of Ivanti Avalanche running on the remote host is prior to 6.4.4. It is, therefore, affected by multiple vulnerabilities: - An off-by-one error in WLInfoRailService allows a remote unauthenticated attacker to crash the service. CVE-2024-36136 - Improper input validation in the...
Siemens SCALANCE M-800, RUGGEDCOM RM1224 Insertion of Sensitive Information Into Log File (CVE-2024-41978)
A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.1, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.1, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.1, SCALANCE M812-1 ADSL- Router family All versions V8.1, SCALANCE M816-1...
Fedora 39 : iaito / radare2 (2024-3667e29b88)
The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-3667e29b88 advisory. Bump to version 5.9.4 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
Fedora 40 : iaito / radare2 (2024-a562addefa)
The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-a562addefa advisory. Bump to version 5.9.4 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
ManageEngine ServiceDesk Plus MSP < 14.8 Build 14810
The version of ManageEngine ServiceDesk Plus MSP installed on the remote host is prior to 14.8 Build 14810. It is, therefore, affected by a vulnerability as referenced in the service-desk-mspCVE-2024-41150 advisory. - A Stored Cross-site Scripting vulnerability in request module affects Zohocorp...
F5 Networks BIG-IP : Apache HTTPD vulnerability (K000140784)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000140784 advisory. Null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server v...
IBM DB2 DoS (7165338) (Unix)
According to its self-reported version number, IBM Db2 on Unix is vulnerable to a denial of service as the server may crash when using a specially crafted query on columnar tables in a database partitioned environment. Note that Nessus has not tested for this issue but has instead relied only on...
JetBrains TeamCity < 2024.07.1 Multiple Vulnerabilities
The version of JetBrains TeamCity installed on the remote host is prior to 2024.07.1. It is, therefore, affected by multiple vulnerabilities: - In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions CVE-2024-43114 - In JetBrains TeamCity before...
Wordfence Intelligence Weekly WordPress Vulnerability Report (August 12, 2024 to August 18, 2024)
Did you know Wordfence runs a Bug Bounty Program for all WordPress plugins and themes at no cost to vendors? Through October 14th, researchers can earn up to $31,200 for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and ...
Intel Connectivity Performance Suite Installed (Windows)
Binary data intelconnectivityperformancesuitewininstalled.nbin...