1258 matches found
CVE-2026-26334
Affected software: Calero VeraSMART (versions prior to 2026 R1). Vulnerability: Hardcoded static AES keys present within Veramark.Framework.dll (Veramark.Core.Config class) are used to encrypt the password of the service account stored in C:\VeraSMART Data\app.settings. Impact chain: An attacker ...
Wireshark 4.6.x < 4.6.3 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is prior to 4.6.3. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.6.3 advisory. - SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service...
Adobe ColdFusion < 2023.x < 2023u18 / 2025.x < 2025u6 RCE (APSB26-12)
The version of Adobe ColdFusion installed on the remote Windows host is prior to 2023.x update 18 or 2025.x update 6. It is, therefore, affected by a vulnerability in the bundled Apache Tika dependency that could lead to arbitrary code execution. Note that Nessus has not tested for this issue but...
Mozilla Firefox ESR < 140.7
The version of Firefox ESR installed on the remote Windows host is prior to 140.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-03 advisory. - Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox 146, Thunderbird 146, Firefox...
Mozilla Firefox ESR < 115.32
The version of Firefox ESR installed on the remote Windows host is prior to 115.32. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-02 advisory. - Use-after-free in the IPC component. This vulnerability affects Firefox 147, Firefox ESR 115.32, Firefox ESR 140....
CVE-2026-20941
Improper link resolution before file access 'link following' in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally...
CVE-2026-20941
Improper link resolution before file access 'link following' in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally...
CVE-2024-39342
Entrust Instant Financial Issuance formerly known as Cardwizard 6.10.0, 6.9.0, 6.9.1, 6.9.2, and 6.8.x and earlier uses a DLL library i.e. DCG.Security.dll with a custom AES encryption process that relies on static hard-coded key values. These keys are not uniquely generated per installation of t...
National Instruments LabVIEW 2022 < 2022 Q3 Patch 7 / 2023 < 2023 Q3 Patch 8 / 2024 Q3 Patch 5 / 20205 < 2025 Q3 Patch 3 Multiple Vulnerabilities
The version of National Instruments NI LabVIEW installed on the remote Windows host is affected by multiple memory corruption vulnerabilities that may result in information disclosure or arbitrary code execution, including the following: - There is an out of bounds write vulnerability in NI LabVI...
Google Chrome < 143.0.7499.192 Vulnerability
The version of Google Chrome installed on the remote Windows host is prior to 143.0.7499.192. It is, therefore, affected by a vulnerability as referenced in the 202601stable-channel-update-for-desktop advisory. - Insufficient policy enforcement in WebView tag in Google Chrome prior to...
Dell SupportAssist Privilege Escalation (DSA-2025-445)
The remote Windows host contains an installation of Dell SupportAssist that is affected by an elevation of privilege vulnerability: - Dell SupportAssist for Home PCs versions 4.8.2.29006 and prior and Dell SupportAssist for Business PCs versions 4.9.0.40943 and prior contain a UNIX Symbolic Link...
Mozilla Firefox < 48.0
The version of Firefox installed on the remote Windows host is prior to 48.0. It is, therefore, affected by a vulnerability as referenced in the mfsa2016-83 advisory. - bypass FireFox Secure Connection Failed prompt to whitelist any site but doesn't workCVE-2016-5268 CVE-2016-5268 Note that Nessu...
Mozilla Firefox ESR < 17.0.6
The version of Firefox ESR installed on the remote Windows host is prior to 17.0.6. It is, therefore, affected by a vulnerability as referenced in the mfsa2013-42 advisory. - Call content level constructor as if from a chrome/privileged pageCVE-2013-1670 CVE-2013-1670 Note that Nessus has not...
Mozilla Firefox < 20.0
The version of Firefox installed on the remote Windows host is prior to 20.0. It is, therefore, affected by a vulnerability as referenced in the mfsa2013-40 advisory. - CERTDecodeCertPackage reads bytes outside the input bufferCVE-2013-0791 CVE-2013-0791 Note that Nessus has not tested for this...
Mozilla Firefox < 40.0
The version of Firefox installed on the remote Windows host is prior to 40.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2015-83 advisory. - crash in @ stagefright::SampleTable::isValid with h264 mp4CVE-2015-4480 CVE-2015-4480 - MPEG4 saio Chunk Integer Overfl...
Mozilla Firefox < 21.0
The version of Firefox installed on the remote Windows host is prior to 21.0. It is, therefore, affected by a vulnerability as referenced in the mfsa2013-42 advisory. - Call content level constructor as if from a chrome/privileged pageCVE-2013-1670 CVE-2013-1670 Note that Nessus has not tested fo...
Exploit for Improper Neutralization of Line Delimiters in Cacti
███╗ ███╗ ██████╗ ███╗ ██╗██╗████████╗ ██████╗ ██████╗ █...
Mozilla Thunderbird < 146.0
The version of Thunderbird installed on the remote Windows host is prior to 146.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-95 advisory. - Privilege escalation in the Netmonitor component. This vulnerability affects Firefox 146, Firefox ESR 140.6,...
RaidenFTPD Server >= 2.4.4005 Insecure Permissions Vulnerability
RaidenFTPD Server allows a local attacker to gain privileges and execute arbitrary code via crafted executable running from the installation directory. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Mozilla Thunderbird < 52.3
The version of Thunderbird installed on the remote Windows host is prior to 52.3. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-20 advisory. - Mozilla developers and community members Masayuki Nakano, Gary Kwong, Ronald Crane, Andrew McCreight, Tyson Smith,...