Photon OS 3.0: Libvirt PHSA-2019-3.0-0016

An update of the libvirt package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0016. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

EulerOS 2.0 SP8 : graphviz (EulerOS-SA-2024-2031)

According to the versions of the graphviz packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because th...

Photon OS 2.0: Nettle PHSA-2020-2.0-0233

An update of the nettle package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0233. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 2.0: Yarn PHSA-2020-2.0-0216

An update of the yarn package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0216. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Amazon Linux 2023 : ecs-init (ALAS2023-2024-672)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-672 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADE...

Photon OS 2.0: Python3 PHSA-2019-2.0-0120

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0120. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 1.0: Procmail PHSA-2017-0052

An update of the procmail package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0052. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Hikvision Multiple Products Command Injection (CVE-2021-36260)

A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands. This plugin only works with Tenable.ot. Please vis...

Photon OS 1.0: Krb5 PHSA-2017-0038

An update of the krb5 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0038. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid202838;...

Photon OS 3.0: Kibana PHSA-2019-3.0-0012

An update of the kibana package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0012. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 1.0: Linux PHSA-2017-0038

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0038. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid202839;...

Photon OS 2.0: Polkit PHSA-2019-2.0-0161

An update of the polkit package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0161. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 3.0: Libarchive PHSA-2019-3.0-0004

An update of the libarchive package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0004. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-658)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-658 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race CVE-2024-36971 Tenable has extracted the preceding description block directly from the tested product...

Photon OS 3.0: Gnutls PHSA-2019-3.0-0011

An update of the gnutls package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0011. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 2.0: Wget PHSA-2019-2.0-0161

An update of the wget package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0161. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 3.0: Apache PHSA-2019-3.0-0011

An update of the apache package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0011. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CBL Mariner 2.0 Security Update: httpd (CVE-2024-38472)

The version of httpd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-38472 advisory. - SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF a...

Fedora 39 : suricata (2024-40179ecb37)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-40179ecb37 advisory. New bugfix and security update Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 40 : fluent-bit (2024-07db6333b0)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-07db6333b0 advisory. Update to 3.0.4 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...