2382 matches found
SolarWinds Web Help Desk < 12.8.3 HF 3 Java Deserialization RCE
The version of SolarWinds Web Help Desk installed on the remote host is prior to 12.8.3 HF3. It is, therefore, affected by a Java deserialization remote-code execution vulnerability, that, if exploited, would allow an attacker to run commands on the host machine. Note that Nessus has not tested f...
Qnap QTS and myQNAPcloud SQL Injection (CVE-2024-21901)
A SQL injection vulnerability has been reported to affect myQNAPcloud. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: myQNAPcloud 1.0.52 2023/11/24 and later QTS...
Qnap QTS Classic Buffer Overflow (CVE-2023-50362)
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS...
CentOS 7 : firefox (RHSA-2022:6997)
The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:6997 advisory. - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 Note that Nessus has not tested for this issue but has...
PostgreSQL pgAdmin4 Installed (Windows)
Binary data postgresqlpgadmin4wininstalled.nbin...
NuGet Package 'Microsoft.ML.Mkl.Redist' Detection
The remote host has a 'Microsoft.ML.Mkl.Redist' with a Verified NuGet package status and is installed on the remote host. Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...
NuGet Package 'Microsoft.ML.CodeGenerator' Detection
The remote host has a 'Microsoft.ML.CodeGenerator' with a Verified NuGet package status and is installed on the remote host. Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc';...
NuGet Package 'Microsoft.SemanticKernel.Abstractions' Detection
The remote host has a 'Microsoft.SemanticKernel.Abstractions' with a Verified NuGet package status and is installed on the remote host. Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc...
Progress Telerik UI for WPF Installed
Binary data progresstelerikuiforwpfinstalled.nbin...
NuGet Package 'Microsoft.ML' Detection
The remote host has a 'Microsoft.ML' with a Verified NuGet package status and is installed on the remote host. Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if descriptio...
NVIDIA Container Toolkit Installed (Linux)
Binary data nvidiacontainertoolkitnixinstalled.nbin...
Adobe Commerce / Magento Installed (Linux)
Binary data adobecommercenixinstalled.nbin...
Laravel Weak Secret Key
Laravel applications use an application key to encrypt and sign various data, including session cookies and other sensitive information. This key is typically stored in the .env file and is used for multiple security-critical operations. When a weak or easily guessable application key is used, it...
SUSE SLES15: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2024:3337-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3337-1 advisory. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. Tenable has extracted the preceding descripti...
SUSE SLES15: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2024:3338-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3338-1 advisory. The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. Tenable has extracted the preceding descripti...
Apple iOS < 18 Multiple Vulnerabilities (121250)
Binary data appleios18check.nbin...
GitLab 16.4 < 17.1.7 / 17.2 < 17.2.5 / 17.3 < 17.3.2 (CVE-2024-8124)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.1.7, starting from 17.2 prior to 17.2.5, starting from 17.3 prior to 17.3.2 which could cause Denial of...
Sequelize Configuration File Detected
Sequelize is a promise-based Node.js ORM tool for databases engines. Sequelize CLI uses by default a configuration file in 'config' directory to store the environment and database information. By accessing it, an attacker could leverage the vulnerability to gain unauthorized and privileged access...
EulerOS 2.0 SP9 : libldb (EulerOS-SA-2024-2396)
According to the versions of the libldb package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : MaxQueryDuration not honoured in Samba AD DC LDAPCVE-2021-3670 Tenable has extracted the preceding description block directly from the EulerOS libl...
GitLab 16.5 < 17.1.7 / 17.2 < 17.2.5 / 17.3 < 17.3.2 (CVE-2024-4472)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...