Fedora 40 : mysql8.0 (2024-5d9dc19f2d)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5d9dc19f2d advisory. MySQL 8.0.39 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-38.html...

AlmaLinux 9 : libreoffice (ALSA-2024:5583)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5583 advisory. libreoffice: bility to trust not validated macro signatures removed in high security mode CVE-2024-6472 Tenable has extracted the preceding description block...

SUSE SLES12: libodbc2 / libodbc2-32bit / unixODBC / unixODBC-32bit / etc (SUSE-SU-2024:2978-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2978-1 advisory. - CVE-2024-1013: Fixed out of bounds stack write due to pointer-to-integer types conversion on 64-bit architectures bsc1228143 Tenable has...

AlmaLinux 8 : tomcat (ALSA-2024:5694)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5694 advisory. tomcat: Improper Handling of Exceptional Conditions CVE-2024-34750 Tenable has extracted the preceding description block directly from the AlmaLinux security...

CBL Mariner 2.0 Security Update: ruby (CVE-2024-27281)

The version of ruby installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27281 advisory. - An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing...

Rocky Linux 8 : httpd:2.4 (RLSA-2024:5193)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:5193 advisory. httpd: Security issues via?backend applications whose response headers are malicious or exploitable CVE-2024-38476 Tenable has extracted the preceding descriptio...

AlmaLinux 9 : python3.12-setuptools (ALSA-2024:5533)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5533 advisory. pypa/setuptools: Remote code execution via download functions in the packageindex module in pypa/setuptools CVE-2024-6345 Tenable has extracted the preceding...

AlmaLinux 9 : python-setuptools (ALSA-2024:5534)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5534 advisory. pypa/setuptools: Remote code execution via download functions in the packageindex module in pypa/setuptools CVE-2024-6345 Tenable has extracted the preceding...

Amazon Linux 2 : oci-add-hooks (ALASNITRO-ENCLAVES-2024-043)

The version of oci-add-hooks installed on the remote host is prior to 0-0.2.20200504git325a340. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2024-043 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an...

Google Chrome < 128.0.6613.84 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 128.0.6613.84. It is, therefore, affected by multiple vulnerabilities as referenced in the 202408stable-channel-update-for-desktop21 advisory. - Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a...

Google Chrome < 128.0.6613.84 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 128.0.6613.84. It is, therefore, affected by multiple vulnerabilities as referenced in the 202408stable-channel-update-for-desktop21 advisory. - Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remot...

CBL Mariner 2.0 Security Update: hdf5 (CVE-2024-32617)

The version of hdf5 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-32617 advisory. - HDF5 Library through 1.14.3 contains a heap-based buffer over-read caused by the unsafe use of strdup in...

AlmaLinux 9 : curl (ALSA-2024:5529)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5529 advisory. curl: HTTP/2 push headers memory-leak CVE-2024-2398 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

AlmaLinux 8 : curl (ALSA-2024:5654)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5654 advisory. curl: HTTP/2 push headers memory-leak CVE-2024-2398 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

Johnson Controls ExacqVision Web Server Installed (Linux)

Binary data johnsoncontrolsexacqvisionwebservernixinstalled.nbin...

Acronis Cyber Infrastructure Service Detection

Binary data acroniscyberinfrastructureservicedetect.nbin...

Apache OFBiz Path Traversal (CVE-2024-32113)

Binary data apacheofbizcve-2024-32113.nbin...

EulerOS 2.0 SP12 : gnutls (EulerOS-SA-2024-2237)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the...

EulerOS 2.0 SP12 : expat (EulerOS-SA-2024-2235)

According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers created via...

WordPress Plugin 'GiveWP - Donation Plugin and Fundraising Platform' < 3.14.2 RCE

The WordPress application running on the remote host has a version of the 'GiveWP - Donation Plugin and Fundraising Platform' plugin that is prior to 3.14.2. It is, therefore, affected by a remote code execution vulnerability. Deserialization of malicious PHP objects injected through the...