15 matches found
EUVD-2026-31936
Kavita is a cross platform reading server. Prior to 0.9.0, the ReaderController.GetImage endpoint is decorated with AllowAnonymous, allowing completely unauthenticated access to page images from any chapter in any library. While the endpoint accepts an apiKey parameter, it is never validated. Sin...
EUVD-2026-8896
Umbraco.Engage.Forms Allows Unauthorized Access to Multiple API Endpoints...
MacOS X Applications Enumerated Software Report
Reports details about software enumerated from installed MacOS X applications TRUSTED...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an array out-of-bounds when accessing enumerated types in wc938x...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an array out-of-bounds when accessing enumerated types in va-macro...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an array out-of-bounds when accessing enumerated types in rx-macro...
Security Updates for Microsoft Office Online Server (September 2024)
The Microsoft Office Web Apps installation on the remote host is missing a security update. It is, therefore, affected by the following: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2024-43465 Note that Nessus has not tested for this iss...
Juniper NetScreen VPN Client Detection
The remote host has the Juniper NetScreen VPN Client installed. C Tenable Network Security. Inc. include"compat.inc"; if description scriptid70120; scriptversion"1.10"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/02/06"; scriptxrefname:"IAVT", value:"0001-T-0914";...
Scientific Toolworks Understand 'wintab32.dll' DLL Loading Arbitrary Code Execution
The version of Scientific Toolworks Understand installed on the remote Windows host is earlier than 2.6 Build 600. As such, it insecurely looks in its current working directory when resolving DLL dependencies, such as for 'wintab32.dll'. Attackers may exploit this issue by placing a specially...
Get OS X 10.7 Hashes
Added: 07/14/2011 Background This tool attempts to retrieve the SHA 512 password hashes stored by OS X Lion 10.7.x Acounts are enumerated using dscl . list /Users/ and password hashes are eunmerated using dscl . read /Users/ Limitations A connection to the target is required to run this tool. The...
BlackBerry Desktop Manager Intellisync ActiveX Control Arbitrary Remote Code Execution
The version of the Lotus Notes Intellisync component 'lnsresobject.dll' included with the BlackBerry Desktop Software installation on the remote host reportedly contains an unspecified error that can be exploited to execute arbitrary code. If an attacker can trick a user on the affected host into...
Wyse Device Manager Buffer Overflow
Wyse Device Manager is installed on the remote system. The installed version is affected by a buffer overflow vulnerability. By sending a specially crafted request to the server, it may be possible for an unauthorized attacker to crash the server or execute arbitrary commands on the remote system...
Altiris Deployment Solution Agent < 6.9.355 Local Privilege Escalation (SYM08-019)
The version of the Altiris Deployment Solution Agent installed on the remote host is affected by a local privilege escalation issue. Successful exploitation of this issue could allow an authorized non-privileged user to gain local system access on the client system. C Tenable Network Security, In...
Windows Kernel Elevation of Privilege Vulnerability (954211)
This host is missing a critical security update according to Microsoft Bulletin MS08-061. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Adobe Acrobat < 6.0.5 PDF Distillation Overflow
The version of Adobe Acrobat installed on the remote host is earlier than 6.0.5 and is reportedly affected by a buffer overflow that may be triggered when distilling a specially crafted file to PDF. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid22035;...