The vulnerability of the Adobe Animate software for creating multimedia and computer animations lies in insufficient validation of input data, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Animate program for creating multimedia and computer animations is related to insufficient testing of input data. Exploiting this vulnerability can allow attackers to execute arbitrary code...
[SECURITY] Fedora 41 Update: pytest-8.3.4-1.fc41
The pytest framework makes it easy to write small tests, yet scales to support complex functional testing for applications and libraries...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-50163)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50163 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf: Make sure internal and UAPI...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-49977)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49977 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix zero-division error whe...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-47710)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47710 advisory. - In the Linux kernel, the following vulnerability has been resolved: sockmap: Add a cond_resched in sock_hash_fr...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-49954)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49954 advisory. - In the Linux kernel, the following vulnerability has been resolved: static_call: Replace pointless WARN_ON in...
Mozilla Thunderbird < 115.18
The version of Thunderbird installed on the remote Windows host is prior to 115.18. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-70 advisory. - Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP frame-src bypass and DOM-based XS...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-50142)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50142 advisory. - In the Linux kernel, the following vulnerability has been resolved: xfrm: validate new SA's prefixlen using ...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-50019)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50019 advisory. - In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-50236)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50236 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Fix memory leak in...
CBL Mariner 2.0 Security Update: binutils (CVE-2022-47011)
The version of binutils installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-47011 advisory. - An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows...
Microsoft Security Update Validation Report December 2024
Microsoft’s December 2024 security updates have passed Citrix testing (the updates are listed below). The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing softwa...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-49938)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49938 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Use __skb_set_length for...
[SECURITY] Fedora 40 Update: python3.9-3.9.21-1.fc40
Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...
CVE-2024-55652
PenDoc is a penetration testing reporting application. Prior to commit 1d4219c596f4f518798492e48386a20c6e9a2fe6, an attacker can write a malicious docx template containing expressions that escape the JavaScript sandbox to execute arbitrary code on the system. An attacker who can control the...
GitLab 17.3 < 17.4.6 / 17.5 < 17.5.4 / 17.6 < 17.6.2 (CVE-2024-8179)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab (CVE-2024-8179). Note that Nessus has not tested for this issue but has instead relied only on the application...
CVE-2024-55652
CVE-2024-55652 affects PenDoc (also referenced as PwnDoc) where, prior to a particular commit, an attacker able to control a DOCX template could inject expressions that escape the JavaScript sandbox and execute arbitrary code on the host. The root cause is a template processing flaw that allowed ...
CVE-2024-55652 PwnDoc Server-Side Template Injection vulnerability - Sandbox Escape to RCE using custom filters
PenDoc is a penetration testing reporting application. Prior to commit 1d4219c596f4f518798492e48386a20c6e9a2fe6, an attacker can write a malicious docx template containing expressions that escape the JavaScript sandbox to execute arbitrary code on the system. An attacker who can control the...
Oracle Siebel CRM (April 2016 CPU)
The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2016 CPU advisory. - Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: UIF Open UI. Supported versions that are affected are 8.1.1...
The vulnerability of the SAP NetWeaver Administrator software, related to insufficient validation of requests on the server side, allows an attacker to execute an SSRF attack.
The vulnerability of the SAP NetWeaver Administrator software relates to insufficient testing of server-side requests. Exploiting this vulnerability could allow a malicious actor to execute an SSRF attack remotely...