EulerOS 2.0 SP11 : less (EulerOS-SA-2024-2084)

According to the versions of the less package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation...

ABB Ability System 800xA Improper Input Validation (CVE-2024-3036)

Improper Input Validation vulnerability in ABB 800xA Base. An attacker who successfully exploited this vulnerability could cause services to crash by sending specifically crafted messages. This issue affects 800xA Base: from 6.0.0 through 6.1.1-2. This plugin only works with Tenable.ot. Please...

GLSA-202408-13 : Nokogiri: Denial of Service

The remote host is affected by the vulnerability described in GLSA-202408-13 Nokogiri: Denial of Service A denial of service vulnerability has been discovered in Nokogiri. Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly...

GLSA-202408-10 : nghttp2: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202408-10 nghttp2: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in nghttp2. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly...

GLSA-202408-09 : Cairo: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202408-09 Cairo: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Cairo. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from...

GLSA-202408-12 : Bitcoin: Denial of Service

The remote host is affected by the vulnerability described in GLSA-202408-12 Bitcoin: Denial of Service Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the Gentoo Linux security advisory. Note that Nessus has not...

Progress WhatsUp Gold < 23.1.3 Multiple Vulnerabilities (000258130)

The version of Progress WhatsUp Gold installed on the remote host is prior to 23.1.3. It is, therefore, affected by multiple vulnerabilities as referenced in the 000258130 advisory, including: - In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress...

Sunhillo SureLine Web Portal Detection

Binary data sunhillosurelinewebdetect.nbin...

Apple TV < 17.6 Multiple Vulnerabilities (HT214122)

According to its banner, the version of Apple TV on the remote device is prior to 17.6. It is therefore affected by multiple vulnerabilities as described in the HT214122 %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid205149; scriptversion"1.3";...

GLSA-202408-07 : Go: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202408-07 Go: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Go. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from the...

GLSA-202408-08 : json-c: Buffer Overflow

The remote host is affected by the vulnerability described in GLSA-202408-08 json-c: Buffer Overflow Please review the CVE identifier referenced below for details. Tenable has extracted the preceding description block directly from the Gentoo Linux security advisory. Note that Nessus has not test...

Juniper Junos OS Vulnerability (JSA75756)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75756 advisory. - An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to access confidential information...

GLSA-202408-11 : aiohttp: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202408-11 aiohttp: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in aiohttp. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-40902)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40902 advisory. - In the Linux kernel, the following vulnerability has been resolved: jfs: xattr: fix buffer overflow for...

CBL Mariner 2.0 Security Update: moby-engine (CVE-2024-41110)

The version of moby-engine installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41110 advisory. - Moby is an open-source project created by Docker for software containerization. A security vulnerabilit...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-39476)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39476 advisory. - In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix deadlock that raid5d wait...

SUSE SLES12 Security Update : ksh (SUSE-SU-2024:2756-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2756-1 advisory. - CVE-2019-14868: Fixed code injection due to environment variables on startup interpreted as arithmetic expression bsc1160796 Other fixes: ...

Google Chrome < 127.0.6533.99 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 127.0.6533.99. It is, therefore, affected by multiple vulnerabilities as referenced in the 202408stable-channel-update-for-desktop advisory. - Use after free in WebAudio in Google Chrome prior to 127.0.6533.99 allowed a...

CBL Mariner 2.0 Security Update: cmake / curl / mysql (CVE-2024-2004)

The version of cmake / curl / mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-2004 advisory. - When a protocol selection parameter option disables all protocols without adding any then the...

CBL Mariner 2.0 Security Update: qemu (CVE-2022-3165)

The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3165 advisory. - An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the...