RHEL 8 : container-tools:rhel8 update (Moderate) (RHSA-2024:3968)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3968 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: podman:...
Fedora 40 : kitty (2024-15039ba9f9)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-15039ba9f9 advisory. rebuild for rhbz#2292712 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
Sensormatic Electronics Illustra Pro Gen 4 Active Debug Code (CVE-2023-0954)
A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sustained attack. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Oracle Linux 8 : flatpak (ELSA-2024-3961)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3961 advisory. - Update to 1.12.9 CVE-2024-32462 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has n...
Oracle Linux 9 : flatpak (ELSA-2024-3959)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3959 advisory. 1.12.9-1 - Update to 1.12.9 CVE-2024-32462 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
Fedora 39 : galera / mariadb (2024-d61bffd77f)
The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-d61bffd77f advisory. MariaDB 10.5.25 & Galera 26.4.18 Release notes: https://mariadb.com/kb/en/mariadb-10-5-25-release-notes/ Tenable has extracted the preceding description bloc...
Ivanti Endpoint Manager < 2022 (CVE-2024-22058)
The version of Ivanti Endpoint Manager installed on the remote host is prior to 2022. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-22058 advisory. - A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute...
SUSE SLES15: apache2-mod_php7 / php7 / php7-bcmath / php7-bz2 / php7-calendar / etc (SUSE-SU-2024:2038-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2038-1 advisory. - CVE-2024-5458: Fixed an issue that allows to bypass filters in filter_var FILTER_VALIDATE_URL. (bsc#1226073) Tenable has extracted...
SUSE SLES15: apache2-mod_php8 / php8 / php8-bcmath / php8-bz2 / php8-calendar / etc (SUSE-SU-2024:2039-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2039-1 advisory. - CVE-2024-5458: Fixed an issue that allows to bypass filters in filter_var FILTER_VALIDATE_URL. (bsc#1226073) Tenable has extracted...
Fedora 39 : booth (2024-17e71fc540)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-17e71fc540 advisory. Security fix for CVE-2024-3049 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...
Fedora 40 : booth (2024-8a545718b1)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-8a545718b1 advisory. Security fix for CVE-2024-3049 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...
FreeBSD : traefik -- Unexpected behavior with IPv4-mapped IPv6 addresses (219aaa1e-2aff-11ef-ab37-5404a68ad561)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 219aaa1e-2aff-11ef-ab37-5404a68ad561 advisory. The traefik authors report: There is a vulnerability in Go managing various Is methods IsPrivate,...
FreeBSD : go -- multiple vulnerabilities (a5c64f6f-2af3-11ef-a77e-901b0e9408dc)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a5c64f6f-2af3-11ef-a77e-901b0e9408dc advisory. The Go project reports: archive/zip: mishandling of corrupt central directory record The...
Exploit for Path Traversal in Solarwinds Serv-U
CVE-2024-28995 PoC and Bulk Scanner Overview This reposit...
SUSE SLES15 / openSUSE 15 Security Update : python-pymongo (SUSE-SU-2024:1571-2)
The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:1571-2 advisory. - CVE-2024-21506: Fixed out-of-bounds read in the BSON module (bsc#1222492) Tenable has extracted the preceding description block directly fr...
CData Path Traversal
CData API Server 23.4.8844, CData Connect 23.4.8846, CData Arc 23.4.8839, CData Sync 23.4.8843 when running using the embedded Jetty server is affected by a vulnerability allowing an unauthenticated attacker to access unauthorized resources via a specially crafted request.
Rejetto HTTP File Server 2.x Remote Code Execution
Rejetto HTTP File Server 2.x is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request.
Mongo-Express Detection
Binary data mongoexpressdetect.nbin...
SolarWinds Serv-U < 15.4.2 HF 2 Directory Traversal
SolarWinds Serv-U versions prior to 15.4.2 HF 2 are vulnerable to a directory traversal allowing an unauthenticated attacker to access sensitive files via a specially crafted request.
Keycloak Installed (Linux)
Binary data keycloaknixinstalled.nbin...