58858 matches found
FreeBSD : Gitlab -- Vulnerabilities (92cd1c03-2940-11ef-bc02-001b217b3468)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 92cd1c03-2940-11ef-bc02-001b217b3468 advisory. Gitlab reports: ReDoS in gomod dependency linker ReDoS in CI interpolation fix bypass ReDoS in...
Azure Identity SDK < 4.2.1
The version of Azure Identity installed on the remote host is prior to 4.2.1. It is, therefore, affected by a vulnerability: - Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability CVE-2024-35255 Note that Nessus has not tested for this issue but has...
Artifex Ghostscript < 10.03.1 Multiple Vulnerabilities
Multiple vulnerabilities exist in Artifex Ghostscript versions prior to 10.03.1. See vendor advisory for more details. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc...
Exploit for Unrestricted Upload of File with Dangerous Type in Likeshop
Badges !MIT Licensehttps://img.shields.io/badge/Licens...
Intel oneVPL GPU Runtime Installed (Linux)
Binary data intelonevplgpuruntimelinuxinstalled.nbin...
Windows Recall Enabled
Binary data windowsrecallinstalled.nbin...
GitLab 8.4 < 16.10.7 / 16.11 < 16.11.4 / 17.0 < 17.0.2 (CVE-2024-1963)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.4 prior to 16.10.7, starting from 16.11 prior to 16.11.4, and starting from 17.0 prior to 17.0.2. A vulnerability in...
FreeBSD : plasma[56]-plasma-workspace -- Unauthorized users can access session manager (479df73e-2838-11ef-9cab-4ccc6adda413)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 479df73e-2838-11ef-9cab-4ccc6adda413 advisory. David Edmundson reports: KSmserver, KDE's XSMP manager, incorrectly allows connections via ICE based...
RHEL 9 : containernetworking-plugins (RHSA-2024:3831)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3831 advisory. The Container Network Interface CNI project consists of a specification and libraries for writing plug- ins for configuring network interfaces in Lin...
GitLab 13.1 < 16.10.7 / 16.11 < 16.11.4 / 17.0 < 17.0.2 (CVE-2024-1495)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.1 prior to 16.10.7, starting from 16.11 prior to 16.11.4, and starting from 17.0 prior to 17.0.2. It was possible f...
RHEL 9 : gvisor-tap-vsock (RHSA-2024:3830)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3830 advisory. A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for...
Amazon Linux 2 : cri-tools (ALAS-2024-2568)
The version of cri-tools installed on the remote host is prior to 1.29.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2568 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of...
SUSE SLED15: kernel-firmware-nvidia-gspx-G06 / etc (SUSE-SU-2024:1990-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1990-1 advisory. Security Update 550.90.07: - CVE-2024-0090: Fixed out of bounds write bsc1223356. - CVE-2024-009...
Zyxel Device Detection
Binary data zyxeldevicedetect.nbin...
System Asset Info Enumeration (Windows)
Binary data microsoftwindowsassetinfoenum.nbin...
Zyxel NAS Device Web UI Detection
Binary data zyxeldetectnasloginUI.nbin...
Oracle Linux 7 : bind, / bind-dyndb-ldap, / and / dhcp (ELSA-2024-3741)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3741 advisory. - Prevent increased CPU consumption in DNSSEC validator CVE-2023-50387 CVE-2023-50868 - Speed up parsing of DNS messages with many different names...
KB5039274: Windows Server 2008 R2 Security Update (June 2024)
The remote Windows host is missing security update 5039274. It is, therefore, affected by multiple vulnerabilities - Microsoft Message Queuing MSMQ Remote Code Execution Vulnerability CVE-2024-30080 - Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability CVE-2024-3007...
KB5039227: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (June 2024)
The remote Windows host is missing security update 5039227. It is, therefore, affected by multiple vulnerabilities - Microsoft Speech Application Programming Interface SAPI Remote Code Execution Vulnerability CVE-2024-30097 - Windows Remote Access Connection Manager Information Disclosure...
Google Chrome < 126.0.6478.56 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 126.0.6478.56. It is, therefore, affected by multiple vulnerabilities as referenced in the 202406stable-channel-update-for-desktop advisory. - Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a...