58854 matches found
CVE-2024-39599 [CVE-2024-39599] Protection Mechanism Failure in SAP NetWeaver Application Server for ABAP and ABAP Platform
Due to a Protection Mechanism Failure in SAP NetWeaver Application Server for ABAP and ABAP Platform, a developer can bypass the configured malware scanner API because of a programming error. This leads to a low impact on the application's confidentiality, integrity, and availability...
CVE-2024-39599 [CVE-2024-39599] Protection Mechanism Failure in SAP NetWeaver Application Server for ABAP and ABAP Platform
Due to a Protection Mechanism Failure in SAP NetWeaver Application Server for ABAP and ABAP Platform, a developer can bypass the configured malware scanner API because of a programming error. This leads to a low impact on the application's confidentiality, integrity, and availability...
KB5040437: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (July 2024)
The remote Windows host is missing security update 5040437. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...
KB5040431: Windows 11 version 21H2 Security Update (July 2024)
The remote Windows host is missing security update 5040431. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...
Security Updates for Microsoft Dynamics 365 (on-premises) (July 2024)
The Microsoft Dynamics 365 on-premises is missing security updates. It is, therefore, affected by an information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. Note that Nessus has not tested for these issues but has instead relied only on th...
KB5040430: Windows 10 version 1809 / Windows Server 2019 Security Update (July 2024)
The remote Windows host is missing security update 5040430. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...
CentOS 9 : openssh-8.7p1-42.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the openssh-8.7p1-42.el9 build changelog. - A security regression CVE-2006-5051 was discovered in OpenSSH's server sshd. There is a race condition which can lead to sshd to handle some...
SAP NetWeaver Application Server Security Vulnerability
SAP NetWeaver Application Server is an application server from SAP, Germany. A security vulnerability exists in SAP NetWeaver Application Server that stems from a failure in the protection mechanism, which allows a developer to bypass the configured Malware Scanner API, resulting in a low impact ...
SUSE SLED15 / SLES15 Security Update : poppler (SUSE-SU-2024:2334-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:2334-1 advisory. - CVE-2024-6239: Fixed crash when using pdfinfo with -dests parameter on malformed input files bsc1226916. Tenable has...
KB5040485: Windows Server 2012 Security Update (July 2024)
The remote Windows host is missing security update 5040485. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...
KB5040498: Windows Server 2008 R2 Security Update (July 2024)
The remote Windows host is missing security update 5040498. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...
RHEL 9 : booth (RHSA-2024:4411)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4411 advisory. The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inpu...
KB5040438: Windows 11 version 22H2 / Windows Server version 23H2 Security Update (July 2024)
The remote Windows host is missing security update 5040438. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...
Joomla 3.0.x < 3.10.16 / 4.0.x < 4.4.6 / 5.0.x < 5.1.2 Multiple Vulnerabilities (5909-joomla-5-1-2-and-joomla-4-4-6-security-and-bug-fix-release)
According to its self-reported version, the instance of Joomla! running on the remote web server is 3.0.x prior to 3.10.16, 4.0.x prior to 4.4.6, or 5.0.x prior to 5.1.2. It is, therefore, affected by multiple vulnerabilities. - Inadequate input validation leads to XSS vulnerabilities in the...
Mozilla Firefox < 128.0
The version of Firefox installed on the remote Windows host is prior to 128.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-29 advisory. - When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. CVE-2024-6609 -...
Security Updates for Microsoft Visual Studio Products (July 2024)
The Microsoft Visual Studio Products are missing security updates. They are, therefore, affected by multiple vulnerabilities, including: - .NET Core and Visual Studio Denial of Service Vulnerability. CVE-2024-30105, CVE-2024-38095 - .NET and Visual Studio Remote Code Execution Vulnerability...
Security Updates for Microsoft SharePoint Server Subscription Edition (July 2024)
The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitra...
KB5040427: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (July 2024)
The remote Windows host is missing security update 5040427. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...
Security Update for Microsoft .NET Core (July 2024)
The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the vendor advisory. - .NET Core and Visual Studio Denial of Service Vulnerability CVE-2024-30105 - .NET and Visual Studio Remote Code...
PT-2024-10305 · Sap · Sap Netweaver Application Server Abap +1
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server for ABAP and ABAP Platform affected versions not specified Description: The issue is related to a Protection Mechanism Failure in SAP NetWeaver Application Server for ABAP and ABAP Platform. This failure allow...