PT-2024-27138 · Trendnet · Tew-827Dru

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-827DRU versions 2.06B04 and earlier Description: The issue is a stack-based buffer overflow in the ssi binary, allowing an authenticated user to execute arbitrary code. This can be achieved by sending a POST request to "apply.cgi...

RHEL 7 : gdb (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code...

RHEL 7 : podman (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - podman: Privilege escalation in API component CVE-2019-25067 - An incorrect handling of the supplementary...

PT-2024-27137 · Trendnet · Trendnet Tew-827Dru

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-827DRU versions 2.06B04 and earlier Description: The issue is a stack-based buffer overflow in the ssi binary, allowing an authenticated user to execute arbitrary code. This can be achieved by sending a POST request to the...

RHEL 4 : binutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - binutils: Address violation in aarch64extldstreglist function when disassembling corrupt aarch64 binary...

SUSE CVE-2024-23947

Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the...

SUSE CVE-2024-23950

Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the...

Rockwell Studio 5000 Logix Designer Installed (Windows)

Binary data rockwellstudio5000logixdesignerwininstalled.nbin...

gnome-shell Installed (Linux / UNIX)

Binary data gnomeshellinstallednix.nbin...

PT-2024-36477 · Luxion · Luxion Keyshot

Name of the Vulnerable Software and Affected Versions: Luxion KeyShot affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this, where the target must visit a...

Ubuntu Pro Subscription Detection

The remote Ubuntu host has an active Ubuntu Pro subscription. %NASLMINLEVEL 80900 include"compat.inc"; if description scriptid198218; scriptversion"1.2"; scriptsetattributeattribute:"pluginmodificationdate", value:"2024/07/05"; scriptnameenglish:"Ubuntu Pro Subscription Detection";...

protobuf-java: timeout in parser leads to DoS

A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted...

Justice AV Solutions JVS Viewer Installed (Windows)

Binary data justiceavsolutionsjavsviewerinstalled.nbin...

Veritas System Recovery Installed (Windows)

Binary data veritassystemrecoverywininstalled.nbin...

EulerOS 2.0 SP12 : python-paramiko (EulerOS-SA-2024-1750)

According to the versions of the python-paramiko package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to...

Oracle Linux 8 : gdk-pixbuf2 (ELSA-2024-3341)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3341 advisory. - Backport fixes for CVE-2022-48622 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

Check Point Quantum Gateway Directory Traversal (Direct Check)

Binary data checkpointgaiaCVE-2024-24919.nbin...

EulerOS 2.0 SP12 : proftpd (EulerOS-SA-2024-1771)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : makeftpcmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash...

EulerOS 2.0 SP12 : shim (EulerOS-SA-2024-1776)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summar...

Cybercriminals Abuse Stack Overflow to Promote Malicious Python Package

Cybersecurity researchers have warned of a new malicious Python package that has been discovered in the Python Package Index PyPI repository to facilitate cryptocurrency theft as part of a broader campaign. The package in question is pytoileur, which has been downloaded 316 times as of writing...