Samsung Magician Installed (macOS)

Binary data macossamsungmagicianinstalled.nbin...

Atlassian Bamboo < 9.2.16 / < 9.6.4 File Inclusion (CVE-2024-21687)

The version of Atlassian Bamboo installed on the remote host is prior to 9.2.16 or 9.6.4. It is, therefore, affected by a file inclusion allows an authenticated attacker to get the application to display the contents of a local file, or execute a different files already stored locally on the serv...

Fedora 40 : tinyproxy (2024-aa3631a416)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-aa3631a416 advisory. Update to version 1.11.2 to fix CVE-2023-49606. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

Apache CXF < 3.5.9, 3.6.x < 3.6.4, 4.0.x < 4.0.5 Multiple Vulnerabilities

The version of Apache CXF installed on the remote Windows host is affected by multiple vulnerabilities: - A SSRF vulnerability in WADL service description in versions of Apache CXF before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform SSRF style attacks on REST webservices. The attack only...

Rocky Linux 9 : libndp (RLSA-2024:4636)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:4636 advisory. libndp: buffer overflow in route information length field CVE-2024-5564 Tenable has extracted the preceding description block directly from the Rocky Linux...

Fedora 40 : ruby (2024-93575091aa)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-93575091aa advisory. Upgrade to Ruby 3.3.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

National Instruments LabVIEW < 2024 Q3 Multiple Vulnerabilities

The version of National Instruments NI LabVIEW installed on the remote Windows host is affected by multiple vulnerabilities: - An out of bounds read due to a missing bounds check in LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacke...

Oracle Linux 8 : libndp (ELSA-2024-4620)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-4620 advisory. 1.7-7 - Validate route information option length Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note th...

Oracle MySQL Cluster (Jul 2024 CPU)

The versions of MySQL Cluster installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory. - Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.5.34 and prior,...

ChatGPT-web Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible ChatGPT-web instance. ChatGPT-web is a simple one-page web interface to the OpenAI ChatGPT API. This detection is included in the AI and LLM category. No source data...

Zoom Workplace Desktop App For Windows < 6.0.0 Path Traversal (ZSB-24023)

The version of Zoom Workplace Desktop App for Windows installed on the remote host is prior to 6.0.0. It is, therefore, affected by a path traversal vulnerability that allow a local authenticated attacker to conduct information disclosure via network access. Note that Nessus has not tested for th...

Spring Framework < 5.3.32 / 6.0.x < 6.0.17 / 6.1.x < 6.1.4 Open Redirect (CVE-2024-22243)

The remote host contains a Spring Framework version is affected by an open redirect vulnerability. Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the host of the parsed URL may be vulnerable to a open...

Fedora 39 : httpd (2024-e7e73befad)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-e7e73befad advisory. - version update - security update Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

Fedora 39 : rapidjson (2024-a3c1b2629e)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-a3c1b2629e advisory. Fix for CVE-2024-38517. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

Fedora 39 : qt6-qtbase (2024-903b88b49e)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-903b88b49e advisory. Fix for CVE-2024-39936. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

SUSE SLES15 Security Update : postgresql14 (SUSE-SU-2024:2262-2)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2262-2 advisory. - Upgrade to 14.12 bsc1224051: - CVE-2024-4317: Restrict visibility of pgstatsext and pgstatsextexprs entries to the table owner. See releas...

Oracle Linux 9 : squid (ELSA-2024-4861)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-4861 advisory. - Resolves: RHEL-45056 - squid: Out-of-bounds write error may lead to Denial of Service CVE-2024-37894 Tenable has extracted the preceding description...

Photon OS 3.0: Rust PHSA-2022-3.0-0358

An update of the rust package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0358. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Fedora 40 : xmedcon (2024-f02d23b92b)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-f02d23b92b advisory. - update xmedcon to 0.24.0 - fixes: Bug 2283157 - xmedcon-0.24.0 is available Bug 2283100 - CVE-2024-29421 xmedcon: Heap overview when parsing DICOM...

Photon OS 3.0: Vim PHSA-2023-3.0-0554

An update of the vim package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0554. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid20404...