Photon OS 4.0: Rust PHSA-2021-4.0-0085

An update of the rust package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-4.0-0085. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 3.0: Libtiff PHSA-2019-3.0-0017

An update of the libtiff package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0017. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 3.0: Elfutils PHSA-2019-3.0-0021

An update of the elfutils package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0021. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Fedora 40 : httpd (2024-de08df1535)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-de08df1535 advisory. - new version 2.4.62 - Fixes CVE-2024-40725 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

Photon OS 1.0: Unzip PHSA-2017-0040

An update of the unzip package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0040. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid202833;...

Photon OS 2.0: Yarn PHSA-2020-2.0-0216

An update of the yarn package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0216. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 3.0: Openssh PHSA-2019-3.0-0017

An update of the openssh package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0017. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 3.0: Etcd PHSA-2020-3.0-0130

An update of the etcd package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0130. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 3.0: Libvirt PHSA-2019-3.0-0016

An update of the libvirt package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0016. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Hikvision Video Recorders Command Injection (CVE-2024-29948)

There is a command injection vulnerability in some Hikvision NVRs. This could allow an authenticated user with administrative rights to execute arbitrary commands. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

Hikvision NVRs Devices HTTP Buffer Overflow (CVE-2015-4407)

Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service service interruption via a crafted HTTP request, aka the PSIA issue. This plugin only works with Tenable.ot. Please visit...

Hikvision Video Recorders NULL Pointer Dereference (CVE-2024-29947)

There is a NULL pointer dereference vulnerability in some Hikvision NVRs. Due to an insufficient validation of a parameter in a message, an attacker may send specially crafted messages to an affected product, causing a process abnormality. This plugin only works with Tenable.ot. Please visit...

Hikvision NVRs Devices HTTP Buffer Overflow (CVE-2015-4408)

Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service service interruption via a crafted HTTP request, aka the ISAPI issue. This plugin only works with Tenable.ot. Please visit...

Hikvision Cameras Buffer Overflow (CVE-2018-6413)

There is a buffer overflow in the Hikvision Camera DS-2CD9111-S of V4.1.2 build 160203 and before, and this vulnerability allows remote attackers to launch a denial of service attack service interruption via a crafted network setting interface request. This plugin only works with Tenable.ot. Plea...

Amazon Linux 2023 : composer (ALAS2023-2024-659)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-659 advisory. Composer is a dependency manager for PHP. On the 2.x branch prior to versions 2.2.24 and 2.7.7, the composer install command running inside a git/hg repository which has specially crafted branch names c...

Photon OS 3.0: Linux PHSA-2019-3.0-0021

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0021. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Hikvision IP Cameras Missing Encryption of Sensitive Data (CVE-2017-14953)

HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically proximate attackers to trigger association with an arbitrary access point by leveraging a default SSID with no WiFi encryption or authentication. NOTE: Vendor states that this is not a vulnerability, but more an...

Siemens SITOP UPS1600 Out-of-bounds Write (CVE-2023-26554)

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

EulerOS 2.0 SP8 : sudo (EulerOS-SA-2024-2055)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Sudo before 1.9.13 does not escape control characters in sudoreplay output.CVE-2023-28487 Sudo before 1.9.13 does not escape control characters in lo...

Photon OS 3.0: Gnutls PHSA-2019-3.0-0011

An update of the gnutls package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0011. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...