Lucene search
58858 matches found

Tenable Nessus
added 2024/06/14 12:0 a.m., 26 views

Rocky Linux 8 : grafana (RLSA-2024:3265)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3265 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 grafana: vulnerable to authorization bypass CVE-2024-1313...

CVSS 7.5 | AI score 7.9 | EPSS 0.01533
Exploits: 0 | References: 5

Tenable Nessus
added 2024/06/14 12:0 a.m., 16 views

CData Path Traversal

CData API Server 23.4.8844, CData Connect 23.4.8846, CData Arc 23.4.8839, CData Sync 23.4.8843 when running using the embedded Jetty server is affected by a vulnerability allowing an unauthenticated attacker to access unauthorized resources via a specially crafted request. No source data...

CVSS 9.8 | AI score 7.2 | EPSS 0.08151
Exploits: 1 | References: 6

Wordfence Blog
added 2024/06/13 3:35 p.m., 80 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 3, 2024 to June 9, 2024)

Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the rest...

CVSS 10 | AI score 9.9 | EPSS 0.10161
Exploits: 49

Tenable Nessus
added 2024/06/13 12:0 a.m., 8 views

PHP Scripting Language Installed (Windows)

Binary data phpwininstalled.nbin...

AI score 7.3
Exploits: 0 | References: 1

Tenable Nessus
added 2024/06/13 12:0 a.m., 24 views

FreeBSD : Gitlab -- Vulnerabilities (92cd1c03-2940-11ef-bc02-001b217b3468)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 92cd1c03-2940-11ef-bc02-001b217b3468 advisory. Gitlab reports: ReDoS in gomod dependency linker ReDoS in CI interpolation fix bypass ReDoS in...

CVSS 6.5 | AI score 5.5 | EPSS 0.00575
Exploits: 0 | References: 7

Positive Technologies
added 2024/06/13 12:0 a.m., 4 views

PT-2024-23334

Name of the Vulnerable Software and Affected Versions Famatech Advanced IP Scanner affected versions not specified Description This issue allows local attackers to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target...

CVSS 7.3 | AI score 7.6 | EPSS 0.00414
Exploits: 0 | References: 5

Tenable Nessus
added 2024/06/13 12:0 a.m., 16 views

Oracle Linux 9 : python-idna (ELSA-2024-3846)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-3846 advisory. 2.10-7.0.1.1 - Rebuild with release bump 2.10-7.1 - Security fix for CVE-2024-3651 Resolves: RHEL-33464 Tenable has extracted the preceding description block...

CVSS 7.5 | AI score 6.9 | EPSS 0.01386
Exploits: 1 | References: 2

Tenable Nessus
added 2024/06/13 12:0 a.m., 19 views

Adobe Substance 3D Stager < 3.0.2 Multiple Vulnerabilities (APSB24-43) (macOS)

The version of Adobe Substance 3D Stager installed on the remote macOS host is prior to 3.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB24-43 advisory. Successful exploitation could lead to arbitrary code execution in the context of the current user. Note th...

CVSS 7.8 | AI score 6.2 | EPSS 0.0043
Exploits: 0 | References: 2

Tenable Nessus
added 2024/06/13 12:0 a.m., 23 views

Oracle Linux 9 : gvisor-tap-vsock (ELSA-2024-3830)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-3830 advisory. - rebuild for CVE-2023-45290 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

CVSS 6.5 | AI score 7.3 | EPSS 0.01165
Exploits: 0 | References: 2

Tenable Nessus
added 2024/06/13 12:0 a.m., 20 views

Adobe ColdFusion < 2021.x < 2021u14 / 2023.x < 2023u8 Multiple Vulnerabilities (APSB24-41)

The version of Adobe ColdFusion installed on the remote Windows host is prior to 2021.x update 14 or 2023.x update 8. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB24-41 advisory. - Improper Access Control CWE-284 potentially leading to Arbitrary file system read...

CVSS 7.5 | AI score 5.8 | EPSS 0.237
Exploits: 0 | References: 3

Tenable Nessus
added 2024/06/13 12:0 a.m., 5 views

PHP Scripting Language Installed (Unix)

Binary data phpnixinstalled.nbin...

AI score 7.3
Exploits: 0 | References: 1

Tenable Nessus
added 2024/06/13 12:0 a.m., 25 views

SAP NetWeaver AS Java DoS (3460407)

SAP NetWeaver Application Server for Java is affected by denial of service vulnerability: - Due to unrestricted access to the Meta Model Repository services in SAP NetWeaver AS Java, attackers can perform DoS attacks on the application, which may prevent legitimate users from accessing it. This c...

CVSS 7.5 | AI score 5.5 | EPSS 0.00541
Exploits: 0 | References: 2

Tenable Nessus
added 2024/06/13 12:0 a.m., 29 views

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2024-12433)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12433 advisory. - x86/staticcall: Add support for Jcc tail-calls Peter Zijlstra CVE-2022-29901 CVE-2022-23816 Tenable has extracted the preceding description block directl...

CVSS 6.5 | AI score 6.9 | EPSS 0.04947
Exploits: 0 | References: 2

Tenable Nessus
added 2024/06/13 12:0 a.m., 22 views

SAP NetWeaver AS ABAP DoS (3453170)

SAP NetWeaver and ABAP platform allows an attacker to impede performance for legitimate users by crashing or flooding the service. An impact of this Denial of Service vulnerability might be long response delays and service interruptions, thus degrading the service quality experienced by legitimat...

CVSS 6.5 | AI score 5.5 | EPSS 0.00412
Exploits: 0 | References: 2

Zero Day Initiative
added 2024/06/13 12:0 a.m., 17 views

(0Day) Famatech Advanced IP Scanner Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Famatech Advanced IP Scanner. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVSS 7.3 | AI score 7.5 | EPSS 0.00414
Exploits: 0

Tenable Nessus
added 2024/06/13 12:0 a.m., 180 views

Artifex Ghostscript < 10.03.1 Multiple Vulnerabilities

Multiple vulnerabilities exist in Artifex Ghostscript versions prior to 10.03.1. See vendor advisory for more details. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

CVSS 8.8 | AI score 6.8 | EPSS 0.27992
Exploits: 6 | References: 6

Tenable Nessus
added 2024/06/13 12:0 a.m., 31 views

Ubuntu 16.04 LTS / 18.04 LTS : H2 vulnerabilities (USN-6834-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6834-1 advisory. It was discovered that H2 was vulnerable to deserialization of untrusted data. An attacker could possibly use this issue to execute arbitrary...

CVSS 10 | AI score 9.1 | EPSS 0.64766
Exploits: 6 | References: 3

Tenable Nessus
added 2024/06/13 12:0 a.m., 33 views

Zoom Workplace Desktop App < 5.17.11 Divide By Zero Vulnerability (ZSB-24018)

The version of Zoom Workplace Desktop App installed on the remote host is prior to 5.17.11. It is, therefore, affected by a vulnerability as referenced in the ZSB-24018 advisory. - Use after free in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service v...

CVSS 6.5 | AI score 5.5 | EPSS 0.00594
Exploits: 0 | References: 4

Tenable Nessus
added 2024/06/13 12:0 a.m., 118 views

PHP-CGI Argument Injection CVE-2024-4577 (Direct Check)

Binary data phpargumentinjectioncve-2024-4577.nbin...

CVSS 9.8 | AI score 9.6 | EPSS 0.99987
Exploits: 64 | References: 2

Tenable Nessus
added 2024/06/13 12:0 a.m., 12 views

SAP NetWeaver AS ABAP XSS (3450286)

Due to missing input validation and output encoding of untrusted data, SAP NetWeaver Application Server ABAP and ABAP Platform allows an unauthenticated attacker to inject malicious JavaScript code into the dynamically crafted web page. On successful exploitation the attacker can access or modify...

CVSS 6.1 | AI score 5.5 | EPSS 0.00404
Exploits: 0 | References: 2