167 matches found
Mozilla Firefox SEoL (134.x)
According to its version, Mozilla Firefox version install on the remote host has reached end of support. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may conta...
Wireshark SEoL (3.6.x)
According to its version, Wireshark is 3.6.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C Tenable,...
Mozilla Thunderbird SEoL (52.x)
According to its version, Mozilla Thunderbird version install on the remote host has reached end of support. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may...
Mozilla Thunderbird SEoL (13.x)
According to its version, Mozilla Thunderbird version install on the remote host has reached end of support. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may...
Wireshark SEoL (2.2.x)
According to its version, Wireshark is 2.2.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C Tenable,...
Wireshark SEoL (4.2.x)
According to its version, Wireshark is 4.2.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C Tenable,...
Mozilla Firefox ESR SEoL (91.x)
According to its version, Mozilla Firefox ESR version install on the remote host has reached end of support. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may...
CVE-2024-13311
CVE-2024-13311 describes a vulnerability in Drupal related to the Allow All File Extensions for file fields feature. The consolidated records indicate Drupal’s file field extension filtering can be bypassed, enabling potential impact to file handling. The available metrics from the CVE entry show...
CVE-2024-13300
CVE-2024-13300 concerns a vulnerability in the Drupal Print Anything module. Connected sources describe a remote code execution impact stemming from insufficient input validation in the Print Anything module, affecting all versions and enabling an attacker to execute arbitrary code. The issue is ...
CVE-2024-13300 Print Anything - Critical - Unsupported - SA-CONTRIB-2024-066
Vulnerability in Drupal Print Anything.This issue affects Print Anything:...
CVE-2024-13299 Megamenu Framework - Critical - Unsupported - SA-CONTRIB-2024-065
Vulnerability in Drupal Megamenu Framework.This issue affects Megamenu Framework:...
CVE-2024-13299
Summary: CVE-2024-13299 applies to the Drupal Megamenu Framework module. The issue is caused by insufficient input validation in the Megamenu Framework component, which can be exploited by a remote attacker to execute arbitrary code. What’s affected: Megamenu Framework module for Drupal (versions...
CVE-2024-13285 wkhtmltopdf - Highly critical - Unsupported - SA-CONTRIB-2024-049
Vulnerability in Drupal wkhtmltopdf.This issue affects wkhtmltopdf:...
XenServer 6.x/7.x unsupported with Citrix DaaS and CVAD
XenServer 6.x and 7.x have been end-of-life and are unsupported. Customers still using these versions will see host connections no longer functioning when used with Citrix DaaS and Citrix Virtual Apps and Desktops Version 2411 & later...
CVE-2024-21236
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
CVE-2024-21218
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
CVE-2024-21201
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
CVE-2024-21241
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
GHSA-VGXQ-6RCF-QWRW angular-base64-upload vulnerable to unauthenticated remote code execution
angular-base64-upload versions prior to v0.1.21 are vulnerable to unauthenticated remote code execution via the angular-base64-upload/demo/server.php endpoint. Exploitation of this vulnerability involves uploading arbitrary file content to the server, which can subsequently accessed through the...
CVE-2024-43407
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...