49 matches found
Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2023-46219)
When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mo...
Security Bulletin: IBM MaaS360 Cloud Extender Agent, Configuration Utility, Email Notification, Real Time Action and Base Module affected by multiple vulnerabilities (CVE-2023-46219, CVE-2023-46218, CVE-2023-52071, CVE-2024-0853)
Summary Vulnerabilities contained within libcurl a 3rd party component were addressed in the IBM MaaS360 Cloud Extender Agent, Configuration Utility, Email Notification, Realtime Action and Base Modules. Vulnerability Details CVEID:CVE-2023-46219 DESCRIPTION: cURL libcurl could allow a remote...
Linux Distros Unpatched Vulnerability : CVE-2023-46219
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS...
Azure Linux 3.0 Security Update: cmake / curl / mysql (CVE-2023-46219)
The version of cmake / curl / mysql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-46219 advisory. - When saving HSTS data to an excessively long file name, curl could end up removing all content...
CVE-2023-46219 affecting package mysql for versions less than 8.0.40-1
CVE-2023-46219 affecting package mysql for versions less than 8.0.40-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-46219 affecting package mysql for versions less than 8.0.40-1
CVE-2023-46219 affecting package mysql for versions less than 8.0.40-1. An upgraded version of the package is available that resolves this issue...
GLSA-202409-20 : curl: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202409-20 curl: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in curl. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from th...
CBL Mariner 2.0 Security Update: cmake / curl / mysql (CVE-2023-46219)
The version of cmake / curl / mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-46219 advisory. - When saving HSTS data to an excessively long file name, curl could end up removing all content...
Photon OS 4.0: Curl PHSA-2024-4.0-0623
An update of the curl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0623. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server Liberty and libcurl may affect IBM Storage Protect Backup-Archive Client
Summary IBM Storage Protect Backup-Archive Client can be affected by security flaws in IBM WebSphere Application Server Liberty and libcurl. The flaws can lead to weaker than expected security for outbound TLS connections and bypass of security restrictions, as described in the "Vulnerability...
Security Bulletin: Vulnerabilities in libcurl, cURL and Linux Kernel might affect IBM Storage Copy Data Management
Summary IBM Storage Copy Data Management can be affected by vulnerabilities in libcurl, cURL and Linux Kernel. Vulnerabilities include an attacker could exploit these vulnerabilities to overflow a buffer and execute arbitrary code on the system, to insert cookies at will into a running program, t...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1737)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1760)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP12 : curl (EulerOS-SA-2024-1760)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware ...
EulerOS Virtualization 2.11.1 : curl (EulerOS-SA-2024-1606)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using...
EulerOS Virtualization 2.11.0 : curl (EulerOS-SA-2024-1625)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using...
Nessus Network Monitor < 6.4.0 Multiple Vulnerabilities (TNS-2024-07)
According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2024-07 advisory. - Nessus Network Monitor leverages third-party software to help provide underlying...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1543)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1524)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP3 security update
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 3 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...