Fedora 40 : mingw-qt5-qtbase (2024-c37b7a4e71)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-c37b7a4e71 advisory. Apply fix for CVE-2024-39936 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...

AlmaLinux 9 : httpd (ALSA-2024:5138)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5138 advisory. httpd: Security issues via?backend applications whose response headers are malicious or exploitable CVE-2024-38476 Tenable has extracted the preceding description...

SUSE SLES15 / openSUSE 15 Security Update : python-Django (SUSE-SU-2024:2816-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2816-1 advisory. - CVE-2024-42005: Fixed SQL injection in QuerySet.values and valueslist bsc1228629 - CVE-2024-41989: Fixed Memory exhaustion in...

Photon OS 3.0: Linux PHSA-2024-3.0-0749

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-3.0-0749. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Fedora 40 : mingw-qt6-qtbase (2024-81c4b76a71)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-81c4b76a71 advisory. Apply fix for CVE-2024-39936 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : shadow (SUSE-SU-2024:2804-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2804-1 advisory. - Fixed not copying of skel files bsc1228770 Tenable has extracted the preceding description block direct...

Photon OS 5.0: Shim PHSA-2024-5.0-0332

An update of the shim package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0332. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

SUSE SLES12 Security Update : shadow (SUSE-SU-2024:2805-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:2805-1 advisory. - CVE-2013-4235: Fixed TOCTOU race condition bsc916845 Tenable has extracted the preceding description block directly from the SUSE security...

SUSE SLES15 Security Update : kernel (Live Patch 41 for SLE 15 SP3) (SUSE-SU-2024:2815-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2815-1 advisory. This update for the Linux Kernel 5.3.18-15030059150 fixes several issues. The following security issues were fixed: - CVE-2024-27398: Fixed...

EulerOS 2.0 SP11 : libxml2 (EulerOS-SA-2024-2088)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can resu...

Photon OS 4.0: Tpm2 PHSA-2024-4.0-0664

An update of the tpm2 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0664. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

ABB Ability System 800xA Improper Input Validation (CVE-2024-3036)

Improper Input Validation vulnerability in ABB 800xA Base. An attacker who successfully exploited this vulnerability could cause services to crash by sending specifically crafted messages. This issue affects 800xA Base: from 6.0.0 through 6.1.1-2. This plugin only works with Tenable.ot. Please...

Fedora 39 : opentofu (2024-35147eb6ad)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-35147eb6ad advisory. Update to 1.8.0 ---- Fix for CVE-2024-6257 CVE-2024-6104 CVE-2024-24789 Tenable has extracted the preceding description block directly from the Fedo...

Photon OS 3.0: Libvirt PHSA-2024-3.0-0749

An update of the libvirt package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-3.0-0749. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : shadow (SUSE-SU-2024:2808-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2808-1 advisory. - Fixed not copying of skel files bsc1228770 Tenable has extracted the preceding description block direct...

Siemens RUGGEDCOM Incorrect Privilege Assignment (CVE-2024-38278)

The affected products with IP forwarding enabled wrongly make available certain remote services in non-managed VLANs, even if these services are not intentionally activated. An attacker could leverage this vulnerability to create a remote shell to the affected system. This plugin only works with...

Photon OS 3.0: Tpm2 PHSA-2024-3.0-0776

An update of the tpm2 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-3.0-0776. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

EulerOS 2.0 SP11 : less (EulerOS-SA-2024-2101)

According to the versions of the less package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation...

Siemens RUGGEDCOM Exposure of Sensitive System Information to an Unauthorized Control Sphere (CVE-2024-39675)

In some configurations the affected products wrongly enable the Modbus service in non-managed VLANS. Only serial devices are affected by this vulnerability. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

EulerOS 2.0 SP11 : less (EulerOS-SA-2024-2084)

According to the versions of the less package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation...