Linux Distros Unpatched Vulnerability : CVE-2024-0812

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Accessibility in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit object corruption via a...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python310 (SUSE-SU-2024:2414-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2414-1 advisory. - CVE-2024-4032: Rearranging definition of private v global IP. bsc1226448 Tenable has extracted the...

SUSE SLES15 / openSUSE 15 Security Update : kubernetes1.23 (SUSE-SU-2024:1166-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1166-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

RHEL 8 : thunderbird (RHSA-2023:3564)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3564 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0. Security Fixes: Mozilla...

SUSE SLES12 Security Update : libX11 (SUSE-SU-2023:0667-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0667-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. File data...

Juniper JSA10970

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the JSA10970 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self- reported version numbe...

Debian DSA-4452-1 : jackson-databind - security update

Multiple security issues were found in jackson-databind, a Java library to parse JSON and other data formats which could result in information disclosure or the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

Mozilla Thunderbird < 52.8

The version of Thunderbird installed on the remote Windows host is prior to 52.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-13 advisory. - Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues...

openSUSE Security Update : hdf5 (openSUSE-2018-392)

This update for hdf5 fixes the following issues : - fix security issues arbitary code execution: CVE-2016-4330: H5TARRAY Code Execution boo1011201 CVE-2016-4331: H5ZNBIT Code Execution boo1011204 CVE-2016-4332: Shareable Message Type Code Execution boo1011205 CVE-2016-4333: Array index bounds iss...

Solaris 10 (sparc) : 143502-01

GNOME 2.6.0: Trusted Extensions patch. Date this patch was last updated by Sun : Jan/08/10 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Solaris 10 (sparc) : 140455-01

X11 6.6.2: VNC Viewer patch. Date this patch was last updated by Sun : Jan/05/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

F5 Networks BIG-IP : OpenSSH vulnerability (K20911042)

The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...

openSUSE Security Update : zeromq (openSUSE-2015-409)

zeromq was updated to fix one security issue and two non-security bugs. The following vulnerabilities were fixed : - CVE-2014-9721: zeromq protocol downgrade attack on sockets using the ZMTP v3 protocol boo931978 The following bugs were fixed : - boo912460: avoid curve test to hang for ppc ppc64...

MSA-2015-03: iPass Mobile Client Service Local Privilege Escalation

Mogwai Security Advisory MSA-2015-03 ---------------------------------------------------------------------- Title: iPass Mobile Client service local privilege escalation Product: Hewlett-Packard Universal CMDB UCMDB Affected versions: iPass Mobile Client 2.4.2.15122 Newer version might be also...

F5 Networks BIG-IP : TMM vulnerability (SOL13233)

The remote BIG-IP device is missing a patch required by a security advisory. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5 Networks BIG-IP Solution SOL13233. The text description of this plugin is C F5 Networks...

Oracle Linux 7 : gnutls (ELSA-2014-0684)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0684 advisory. 3.1.18-9 - fix session ID length check 1102027 - fixes null pointer dereference 1101727 Tenable has extracted the preceding description block directly...

openSUSE Security Update : chromium / v8 (openSUSE-2012-107)

Chromium update to version 18.0.1022 fixes several security issues %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-107. The text description of this plugin is C SUSE LLC...

openSUSE Security Update : ibus-pinyin (openSUSE-SU-2013:1825-1)

This update fixes the following issue with ibus-pinyin : - Fix visible password entry in GNOME lock screen CVE-2013-4509, bnc847718 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

IBM Lotus Domino Authentication Bypass

Exploit Title: IBM Lotus Domino Controller auth. bypass Date:30/11/2011 Author: Alexey Sintsov Software Link: http://www.ibm.com/ Version:8.5.3/8.5.2 FP3 0day Tested on: Windows 7 / Windows 2008 CVE : CVE-2011-1519 Application: IBM Lotus Domino Controller Versions Affected: function onLoadConsole...

VMware Update Manager Directory Traversal

DSECRG-11-042 VMware Update Manager - Directory Traversal Application: VMware Update Manager Versions Affected: vCenter Update Manager 4.1 prior to Update 2, vCenter Update Manager 4.0 prior to Update 4 Vendor URL: http://vmware.com Bugs: Directory Traversal File Read CVE: CVE-2011-4404 CVSS2: 7....