Lucee Authenticated Scheduled Job Code Execution

class MetasploitModule 'Lucee Authenticated Scheduled Job Code Execution', 'Description' = %q This module can be used to execute a payload on Lucee servers that have an exposed administrative web interface. It's possible for an administrator to create a scheduled job that queries a remote...

Malicious Package

Overview tradeshift-ui-docs is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this packag...

SUSE CVE-2016-0789

CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...

Malicious code in sa-docs-to-json (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 70b9f8969d70ff8ef6b6fb6844384b3c90472a21d74988fad9a9d07349cf4c7d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in tradeshift-ui-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3d51029431396577ccfb0afdac8c2f5ade3ed3cbc43cbd4e81b5ca9051fccbf6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-753 Malicious code in sa-docs-to-json (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 70b9f8969d70ff8ef6b6fb6844384b3c90472a21d74988fad9a9d07349cf4c7d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-900 Malicious code in tradeshift-ui-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3d51029431396577ccfb0afdac8c2f5ade3ed3cbc43cbd4e81b5ca9051fccbf6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Fedora: Security Advisory for python3-docs (FEDORA-2022-e699dd5247)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for python3-docs (FEDORA-2022-dbb811d203)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 36 : python3-docs / python3.10 (2022-e699dd5247)

The remote Fedora 36 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2022-e699dd5247 advisory. Update to 3.10.9 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Fedora 36 : python3-docs / python3.10 (2022-362bd01539)

The remote Fedora 36 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2022-362bd01539 advisory. Python 3.10.8 is the newest major release of the Python programming language, and it contains many new features and optimizations...

[SECURITY] Fedora 36 Update: python3.12-3.12.0~a3-1.fc36

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...

Low: Red Hat Security Advisory: RHACS 3.73 enhancement and security update

Updated images are now available for Red Hat Advanced Cluster Security RHACS. The updated image includes new features and bug fixes. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

[SECURITY] Fedora 37 Update: python3.10-3.10.8-3.fc37

Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...

This Week in Spring - November 22nd, 2022 - Spring Boot 3 and Thanksgiving edition!

Hi, Spring fans! Its Tuesday, the 22nd of November, 2022, as I write this, which means were two days away from Spring Boot 3 and Thanksgiving. Spring Boot 3, Ive written about in abundance so I wont rehash that. If you want to learn more about some of the amazing new features in Spring Framework ...

AlmaLinux 9 : qemu-kvm (ALSA-2022:5263)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5263 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

Fedora: Security Advisory for python3-docs (FEDORA-2022-362bd01539)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: python3-docs-3.10.8-1.fc36

The python3-docs package contains documentation on the Python 3 programming language and interpreter...

Read the Docs vulnerable to Cross-Site Scripting (XSS)

Impact This vulnerability allowed a malicious user to serve arbitrary HTML files from the main application domain readthedocs.org/readthedocs.com by exploiting a vulnerability in the code that serves downloadable content from a project. Exploiting this would have required the attacker to get a...

Fedora: Security Advisory for python3-docs (FEDORA-2022-a9a4c48d06)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...