Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2020-12695

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a differen...

7.8CVSS6.6AI score0.15193EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2024/11/29 12:0 a.m.7 views

Dell UPnP SUBSCRIBE function Incorrect Default Permissions (CVE-2020-12695)

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. This plugin only works with Tenable.ot...

7.8CVSS6.6AI score0.15193EPSS
Exploits3References33
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.29 views

Rocky Linux 8 : gssdp and gupnp (RLSA-2021:1789)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:1789 advisory. - The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a differe...

7.8CVSS6.7AI score0.15193EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.42 views

NewStart CGSL MAIN 6.02 : gssdp Vulnerability (NS-SA-2022-0065)

The remote NewStart CGSL host, running version MAIN 6.02, has gssdp packages installed that are affected by a vulnerability: - The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network...

7.8CVSS6.7AI score0.15193EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2022/05/09 12:0 a.m.32 views

NewStart CGSL MAIN 6.02 : gupnp Multiple Vulnerabilities (NS-SA-2022-0060)

The remote NewStart CGSL host, running version MAIN 6.02, has gupnp packages installed that are affected by multiple vulnerabilities: - The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different...

8.1CVSS6.8AI score0.15193EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.24 views

AlmaLinux 8 : gssdp and gupnp (ALSA-2021:1789)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1789 advisory. - The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different...

7.8CVSS6.7AI score0.15193EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.7 views

Mageia: Security Advisory (MGASA-2020-0304)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.15193EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2021/12/29 12:0 a.m.39 views

Slackware Linux 14.0 / 14.1 / 14.2 / current wpa_supplicant Multiple Vulnerabilities (SSA:2021-362-01)

The version of wpasupplicant installed on the remote host is prior to 2.9. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2021-362-01 advisory. - hostapd before 2.10 and wpasupplicant before 2.10 allow an incorrect indication of disconnection in certain situations...

7.9CVSS7.9AI score0.15193EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2021/05/26 12:0 a.m.48 views

Oracle Linux 8 : gssdp / and / gupnp (ELSA-2021-1789)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1789 advisory. gssdp 1.0.5-1 + gssdp-1.0.5-1 - Update to 1.0.5 - Fix SUBSCRIBE misbehaviour - Resolves: 1861928 gupnp 1.0.6-1 + gupnp-1.0.6-1 - Update to 1.0.6 - Fix SUBSCRIBE...

7.8CVSS6.8AI score0.15193EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2021/02/22 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for wpa_supplicant (EulerOS-SA-2021-1372)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.15193EPSS
Exploits3References2
Mageia
Mageia
added 2020/12/31 2:32 p.m.47 views

Updated minidlna packages fix security vulnerabilities

It was discovered that minidlna does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue CVE-2020-12695. Minidlna before versions 1.3.0 allows remote code execution...

9.8CVSS1.5AI score0.15193EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2020/09/08 12:0 a.m.35 views

EulerOS Virtualization for ARM 64 3.0.2.0 : wpa_supplicant (EulerOS-SA-2020-1981)

According to the version of the wpasupplicant package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a...

7.8CVSS6.7AI score0.15193EPSS
Exploits3References2
OSV
OSV
added 2020/07/31 11:25 p.m.9 views

MGASA-2020-0304 Updated gssdp/gupnp packages fix security vulnerability

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. CVE-2020-12695...

7.8CVSS7.6AI score0.15193EPSS
Exploits3References3
OSV
OSV
added 2020/06/08 5:15 p.m.1 views

ALPINE-CVE-2020-12695

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue...

7.5CVSS6.9AI score0.15193EPSS
Exploits3References1
UbuntuCve
UbuntuCve
added 2020/06/08 5:15 p.m.32 views

CVE-2020-12695

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue...

7.8CVSS6.9AI score0.15193EPSS
Exploits3References8
OSV
OSV
added 2020/06/08 5:15 p.m.2 views

UBUNTU-CVE-2020-12695

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue...

7.5CVSS6.7AI score0.15193EPSS
Exploits3References9
Rows per page
Query Builder