7 matches found
Fedora: Security Advisory (FEDORA-2025-7fd2f66440)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : vaultwarden (2025-7fd2f66440)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-7fd2f66440 advisory. update to 1.33.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...
Fedora 41 : vaultwarden (2025-41f4056b0e)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-41f4056b0e advisory. update to 1.33.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...
CVE-2025-24364
vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwardenrs. Attacker with authenticated access to the vaultwarden admin panel can execute arbitrary code in the system. The attacker could then change some settings to use sendmail as mail agent but adjus...
CVE-2025-24364
creationtimestamp| type| source ---|---|--- 2025-01-27 17:48:22+00:00| seen| https://infosec.exchange/users/cve/statuses/113901574697474273 2025-01-27 18:16:21+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgqkdgggem2w 2025-01-27 20:11:24+00:00| seen|...
CVE-2025-24364 vaultwarden allows RCE in the admin panel
vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwardenrs. Attacker with authenticated access to the vaultwarden admin panel can execute arbitrary code in the system. The attacker could then change some settings to use sendmail as mail agent but adjus...
CVE-2025-24364
CVE-2025-24364 affects vaultwarden (Unofficial Bitwarden server) written in Rust. The vuln requires authenticated access to the vaultwarden admin panel and allows arbitrary code execution by manipulating mail settings to trigger shell commands, with a specially crafted favicon used to embed comma...