openSUSE 15 Security Update : openssh (SUSE-SU-2024:2275-2)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:2275-2 advisory. - CVE-2024-6387: Fixed race condition in a signal handler bsc1226642 Tenable has extracted the preceding description block directly from the SUSE security...

GLSA-202407-17 : BusyBox: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202407-17 BusyBox: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Virtuoso Open-Source Edition vulnerabilities (USN-6879-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6879-1 advisory. Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly handled certain crafted SQL...

Apache Tomcat < 11.0.0-M21 Vulnerability

Binary data 701471.pasl...

Apache Tomcat < 9.0.90 Vulnerability

Binary data 701472.pasl...

Fedora 39 : libnbd (2024-3c46dc648c)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-3c46dc648c advisory. New upstream stable version 1.18.5 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Apache Tomcat < 10.1.25 Vulnerability

Binary data 701470.pasl...

SUSE SLED12 / SLES12 Security Update : podofo (SUSE-SU-2024:2287-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2287-1 advisory. - PdfEncrypt: Validate more encrypt dictionary parameters bsc1213720 - PdfXRefStreamParserObject: Fixed handling of...

Fedora 39 : firmitas (2024-139cdfb1fc)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-139cdfb1fc advisory. Cryptography v42 is the new thing. Please follow the steps provided here https://github.com/fedora-infra/firmitas/blob/main/README.md for testing. References...

CBL Mariner 2.0 Security Update: glibc (CVE-2023-5156)

The version of glibc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5156 advisory. - A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory...

Fedora 40 : firmitas (2024-71ef04b872)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-71ef04b872 advisory. Cryptography v42 is the new thing. Please follow the steps provided here https://github.com/fedora-infra/firmitas/blob/main/README.md for testing. References...

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 24, 2024 to June 30, 2024)

Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the rest...

ZenML Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible ZenML instance on the target application. ZenML is an open-source framework dedicated to MLOps abstracting the underlying infrastructure. This detection is included in the AI and LLM category. N...

VMware Enhanced Authentication Plug-in Installed (Windows)

Binary data vmwareenhancedauthenticationplug-inwininstalled.nbin...

CBL Mariner 2.0 Security Update: pytorch (CVE-2024-27319)

The version of pytorch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27319 advisory. - Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the...

Ray Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible Ray instance on the target application. Ray is an open-source framework to build and scale Machine Learning ML and Python applications. This detection is included in the AI and LLM category. No...

CBL Mariner 2.0 Security Update: tensorflow / rust / curl (CVE-2023-32001)

The version of tensorflow / rust / curl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-32001 advisory. - Rejected reason: We issued this CVE pre-maturely, as we have subsequently realized that th...

CBL Mariner 2.0 Security Update: cloud-hypervisor / edk2 / hvloader / openssl / rust (CVE-2023-0215)

The version of cloud-hypervisor / edk2 / hvloader / openssl / rust installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-0215 advisory. - The public API function BIOnewNDEF is a helper function used for...

CBL Mariner 2.0 Security Update: unzip (CVE-2014-8139)

The version of unzip installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2014-8139 advisory. - Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers...

CBL Mariner 2.0 Security Update: p7zip (CVE-2018-5996)

The version of p7zip installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2018-5996 advisory. - Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip before 18.00 and p7zip...