58858 matches found

Tenable Nessus
added 2024/06/11 12:0 a.m. (53 views)

Security Updates for Microsoft Visual Studio Products (June 2024)

The Microsoft Visual Studio Products are missing security updates. They are, therefore, affected by multiple vulnerabilities, including: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2024-29060, CVE-2024-29187 - A remote code execution...

CVSS: 7.3, AI score: 8.4, EPSS: 0.01354
Exploits: 1, References: 9

Tenable Nessus
added 2024/06/11 12:0 a.m. (91 views)

KB5039212: Windows 11 version 22H2 / Windows 11 version 23H2 Security Update (June 2024)

The remote Windows host is missing security update 5039212. It is, therefore, affected by multiple vulnerabilities - Microsoft Speech Application Programming Interface SAPI Remote Code Execution Vulnerability CVE-2024-30097 - Windows Remote Access Connection Manager Information Disclosure...

CVSS: 9.8, AI score: 7.6, EPSS: 0.68202
Exploits: 19, References: 30

Tenable Nessus
added 2024/06/11 12:0 a.m. (24 views)

FreeBSD : Composer -- Multiple command injections via malicious git/hg branch names (5f608c68-276c-11ef-8caa-0897988a1c07)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 5f608c68-276c-11ef-8caa-0897988a1c07 advisory. Composer project reports: The status, reinstall and remove commands with packages installed fr...

CVSS: 8.8, AI score: 7.9, EPSS: 0.03255
Exploits: 0, References: 5

Tenable Nessus
added 2024/06/11 12:0 a.m. (15 views)

SUSE SLED15: libblkid-devel / libblkid-devel-32bit / libblkid-devel-static / etc (SUSE-SU-2024:1943-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1943-1 advisory. - CVE-2024-28085: Properly neutralize escape sequences in wall to avoid potential account takeover...

CVSS: 3.3, AI score: 7, EPSS: 0.02242
Exploits: 3, References: 7

Tenable Nessus
added 2024/06/11 12:0 a.m. (106 views)

KB5039217: Windows 10 version 1809 / Windows Server 2019 Security Update (June 2024)

The remote Windows host is missing security update 5039217. It is, therefore, affected by multiple vulnerabilities - Microsoft Speech Application Programming Interface SAPI Remote Code Execution Vulnerability CVE-2024-30097 - Windows Remote Access Connection Manager Information Disclosure...

CVSS: 9.8, AI score: 7.1, EPSS: 0.81729
Exploits: 20, References: 33

Tenable Nessus
added 2024/06/11 12:0 a.m. (22 views)

Oracle Linux 8 : ruby:3.3 (ELSA-2024-3670)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3670 advisory. - Fix buffer overread vulnerability in StringIO. CVE-2024-27280 Resolves: RHEL-37448 - Fix RCE vulnerability with .rdocoptions in RDoc. CVE-2024-27281...

CVSS: 9.8, AI score: 7.3, EPSS: 0.02364
Exploits: 0, References: 4

Tenable Nessus
added 2024/06/11 12:0 a.m. (87 views)

KB5039266: Windows Server 2008 Security Update (June 2024)

The remote Windows host is missing security update 5039266. It is, therefore, affected by multiple vulnerabilities - Microsoft Message Queuing MSMQ Remote Code Execution Vulnerability CVE-2024-30080 - Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability CVE-2024-3007...

CVSS: 9.8, AI score: 8.2, EPSS: 0.43145
Exploits: 8, References: 17

Tenable Nessus
added 2024/06/11 12:0 a.m. (136 views)

KB5039274: Windows Server 2008 R2 Security Update (June 2024)

The remote Windows host is missing security update 5039274. It is, therefore, affected by multiple vulnerabilities - Microsoft Message Queuing MSMQ Remote Code Execution Vulnerability CVE-2024-30080 - Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability CVE-2024-3007...

CVSS: 9.8, AI score: 8.2, EPSS: 0.43145
Exploits: 8, References: 17

Tenable Nessus
added 2024/06/11 12:0 a.m. (60 views)

Google Chrome < 126.0.6478.56 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 126.0.6478.56. It is, therefore, affected by multiple vulnerabilities as referenced in the 202406stable-channel-update-for-desktop advisory. - Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a...

CVSS: 8.8, AI score: 8.2, EPSS: 0.00924
Exploits: 1, References: 37

Tenable Nessus
added 2024/06/10 12:0 a.m. (10 views)

Chef Infra Client Installed (Windows)

Binary data chefinfraclientwininstalled.nbin...

AI score: 7.3
Exploits: 0, References: 1

Tenable Nessus
added 2024/06/10 12:0 a.m. (48 views)

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : MySQL vulnerabilities (USN-6823-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6823-1 advisory. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issue...

CVSS: 5.3, AI score: 6.4, EPSS: 0.01107
Exploits: 0, References: 15

Tenable Nessus
added 2024/06/10 12:0 a.m. (32 views)

Hirschmann HiOS Switches Heap-based Buffer Overflow (CVE-2019-12257)

DHCP packets may go past the local area network LAN via DHCP-relays, but are otherwise confined to the LAN. The DHCP-client may be used by VxWorks and in the bootrom. Bootrom, using DHCP/BOOTP, is only vulnerable during the boot-process. This vulnerability may be used to overwrite the heap, which...

CVSS: 8.8, AI score: 7.8, EPSS: 0.84177
Exploits: 0, References: 10

Tenable Nessus
added 2024/06/10 12:0 a.m. (24 views)

AlmaLinux 9 : ruby:3.3 (ALSA-2024:3671)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3671 advisory. ruby: Buffer overread vulnerability in StringIO CVE-2024-27280 ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Arbitrary memory...

CVSS: 9.8, AI score: 7, EPSS: 0.02364
Exploits: 0, References: 4

Tenable Nessus
added 2024/06/10 12:0 a.m. (53 views)

PHP 8.3.x < 8.3.8 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.29, 8.2.x prior to 8.2.20, or 8.3.x prior to 8.3.8. It is, therefore, affected by multiple vulnerabilities: - An argument Injection in PHP-CGI with a bypass of CVE-2012-1823...

CVSS: 9.8, AI score: 8.8, EPSS: 0.99998
Exploits: 105, References: 6

Tenable Nessus
added 2024/06/10 12:0 a.m. (9 views)

Chef Infra Client Installed (Unix)

Binary data chefinfraclientnixinstalled.nbin...

AI score: 7.3
Exploits: 0, References: 1

Tenable Nessus
added 2024/06/10 12:0 a.m. (117 views)

CentOS 7 : glibc (RHSA-2024:3588)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3588 advisory. - The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings ...

CVSS: 8.1, AI score: 8, EPSS: 0.8833
Exploits: 16, References: 6

Tenable Nessus
added 2024/06/10 12:0 a.m. (12 views)

Digest Authentication Bruteforced

The scanner successfully authenticated on the target web application by using weak credentials in the request digest authentication HTTP header. No source data...

AI score: 7.4
Exploits: 0, References: 2

Tenable Nessus
added 2024/06/10 12:0 a.m. (27 views)

Fedora 40 : galera / mariadb10.11 (2024-6ea93e629b)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-6ea93e629b advisory. MariaDB 10.11.8 & Galera 26.4.18 Release notes: https://mariadb.com/kb/en/mariadb-10-11-7-release-notes/...

CVSS: 4.9, AI score: 6.5, EPSS: 0.00424
Exploits: 0, References: 2

Tenable Nessus
added 2024/06/10 12:0 a.m. (25 views)

Amazon Linux 2023 : ghostscript, ghostscript-gtk, ghostscript-tools-dvipdf (ALAS2023-2024-637)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-637 advisory. NOTE: https://ghostscript.readthedocs.io/en/gs10.03.1/News.html NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=7145885041bb52cc23964f0aa2aec1b1c82b5908 ghostpdl-10.03.1 NOTE:...

CVSS: 8.8, AI score: 7.8, EPSS: 0.01425
Exploits: 0, References: 4

Tenable Nessus
added 2024/06/10 12:0 a.m. (36 views)

Hirschmann HiOS Switches Integer Underflow (CVE-2019-12255)

An attacker can either hijack an existing TCP-session and inject bad TCP-segments or establish a new TCP-session on any TCP-port listened to by the target. This vulnerability could lead to a buffer overflow of up to a full TCP receive-window by default, 10k-64k depending on version. The buffer...

CVSS: 9.8, AI score: 7.5, EPSS: 0.7525
Exploits: 5, References: 13