Mirasys DVMS Workstation <=5.12.6 - Local File Inclusion

Mirasys DVMS Workstation versions 5.12.6 and prior suffer from local file inclusion vulnerabilities. id: CVE-2018-8727 info: name: Mirasys DVMS Workstation =5.12.7 to mitigate the LFI vulnerability. reference: -...

Security Bulletin: Dirty COW Vulnerability (CVE-2016-5195)

Question Security Bulletin: Dirty COW Vulnerability CVE-2016-5195 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All Versions","Edition":"","Line of...

Linux Distros Unpatched Vulnerability : CVE-2024-0812

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Accessibility in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit object corruption via a...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python310 (SUSE-SU-2024:2414-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2414-1 advisory. - CVE-2024-4032: Rearranging definition of private v global IP. bsc1226448 Tenable has extracted the...

Rocky Linux 9 : ghostscript (RLSA-2024:3999)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:3999 advisory. ghostscript: OPVP device arbitrary code execution via custom Driver library CVE-2024-33871 Tenable has extracted the preceding description block directly from th...

RHEL 8 : Red Hat OpenStack Platform 17.1 (python-werkzeug) (RHSA-2024:0189)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0189 advisory. Werkzeug is a WSGI utility module. It includes a debugger, request and response objects, HTTP utilities to handle entity tags, cache control headers,...

SUSE SLES15 / openSUSE 15 Security Update : kubernetes1.23 (SUSE-SU-2024:1166-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1166-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

CentOS 9 : httpd-2.4.53-11.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the httpd-2.4.53-11.el9 build changelog. - out-of-bounds read/write of zero byte CVE-2006-20001 - Possible request smuggling CVE-2022-36760 - HTTP response splitting CVE-2022-37436...

RHEL 8 : frr (RHSA-2023:5195)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5195 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and...

RHEL 8 : thunderbird (RHSA-2023:3564)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3564 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0. Security Fixes: Mozilla...

medsolsbacken.se Cross Site Scripting vulnerability OBB-3402258

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

SUSE SLES12 Security Update : libX11 (SUSE-SU-2023:0667-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0667-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. File data...

Rockwell Automation MicroLogix Controllers and RSLogix 500 Software Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-6984)

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, The cryptographic function utilized to protect the password in MicroLogix is discoverable. This plugin only works...

mediamonitor.pt Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1159700 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

Juniper JSA10970

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the JSA10970 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self- reported version numbe...

RHEL 7 : kpatch-patch (RHSA-2019:4171)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:4171 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix:...

Debian DSA-4452-1 : jackson-databind - security update

Multiple security issues were found in jackson-databind, a Java library to parse JSON and other data formats which could result in information disclosure or the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

molex.com XSS vulnerability

Open Bug Bounty ID: OBB-623377 Description| Value ---|--- Affected Website:| molex.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Mozilla Thunderbird < 52.8

The version of Thunderbird installed on the remote Windows host is prior to 52.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-13 advisory. - Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues...

openSUSE Security Update : hdf5 (openSUSE-2018-392)

This update for hdf5 fixes the following issues : - fix security issues arbitary code execution: CVE-2016-4330: H5TARRAY Code Execution boo1011201 CVE-2016-4331: H5ZNBIT Code Execution boo1011204 CVE-2016-4332: Shareable Message Type Code Execution boo1011205 CVE-2016-4333: Array index bounds iss...