Lucene search

776 matches found

NVD
added 2024/07/30 4:15 a.m. · 10 views

CVE-2024-7216

A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832. It has been classified as problematic. This affects an unknown part of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The complexity of an attack is rather high. The exploitability is told to be...

CVSS 5.3 · EPSS 0.00304
Exploits 1 · References 4
CVE
added 2024/07/30 4:0 a.m. · 66 views

CVE-2024-7216

CVE-2024-7216 affects TOTOLINK LR1200, version 9.3.1cu.2832. The vulnerability resides in the file /etc/shadow.sample, where a hard-coded password is used. The issue is described as having high attack complexity and a difficult exploitability, with exploitation disclosed publicly per the sources...

CVSS 5.3 · AI score 3.7 · EPSS 0.00304
Exploits 1 · References 4 · Affected Software 1
Cvelist
added 2024/07/30 4:0 a.m. · 15 views

CVE-2024-7216 TOTOLINK LR1200 shadow.sample hard-coded password

A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832. It has been classified as problematic. This affects an unknown part of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The complexity of an attack is rather high. The exploitability is told to be...

CVSS 2.6 · EPSS 0.00304
Exploits 1 · References 4
Github Security Blog
added 2024/07/29 5:29 p.m. · 17 views

Twisted vulnerable to HTML injection in HTTP redirect body

Summary The twisted.web.util.redirectTo function contains an HTML injection vulnerability. If application code allows an attacker to control the redirect URL this vulnerability may result in Reflected Cross-Site Scripting XSS in the redirect response HTML body. Details Twisted’s redirectTo functi...

CVSS 6.1 · AI score 5.5 · EPSS 0.67844
Exploits 0 · References 6 · Affected Software 1
OSV
added 2024/07/29 5:29 p.m. · 19 views

GHSA-CF56-G6W6-PQQ2 Twisted vulnerable to HTML injection in HTTP redirect body

Summary The twisted.web.util.redirectTo function contains an HTML injection vulnerability. If application code allows an attacker to control the redirect URL this vulnerability may result in Reflected Cross-Site Scripting XSS in the redirect response HTML body. Details Twisted’s redirectTo functi...

CVSS 6.1 · AI score 5.9 · EPSS 0.67844
Exploits 0 · References 6
Tenable Nessus
added 2024/07/24 12:0 a.m. · 14 views

Photon OS 5.0: Openjdk11 PHSA-2023-5.0-0032

An update of the openjdk11 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0032. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVSS 7.5 · AI score 7 · EPSS 0.01168
Exploits 2 · References 13
Tenable Nessus
added 2024/07/24 12:0 a.m. · 23 views

Photon OS 3.0: Curl PHSA-2022-3.0-0406

An update of the curl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0406. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVSS 7.5 · AI score 6.9 · EPSS 0.00682
Exploits 7 · References 8
Tenable Nessus
added 2024/07/24 12:0 a.m. · 27 views

Photon OS 5.0: Linux PHSA-2024-5.0-0230

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0230. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVSS 5.5 · AI score 7.6 · EPSS 0.00033
Exploits 0 · References 2
Tenable Nessus
added 2024/07/24 12:0 a.m. · 15 views

Photon OS 4.0: Mozjs PHSA-2023-4.0-0469

An update of the mozjs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0469. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVSS 8.8 · AI score 9.7 · EPSS 0.00448
Exploits 1 · References 4
Tenable Nessus
added 2024/07/23 12:0 a.m. · 30 views

Photon OS 2.0: Openssh PHSA-2019-2.0-0159

An update of the openssh package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0159. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVSS 6.8 · AI score 7.5 · EPSS 0.53643
Exploits 9 · References 3
Tenable Nessus
added 2024/07/23 12:0 a.m. · 15 views

Photon OS 3.0: Dbus PHSA-2019-3.0-0036

An update of the dbus package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0036. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVSS 7.1 · AI score 7.5 · EPSS 0.00046
Exploits 0 · References 2
OSV
added 2024/07/19 11:8 a.m. · 4 views

OESA-2024-1865 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 20.2.2 Release: 4 Summary: A...

CVSS 6.5 · AI score 6.7 · EPSS 0.00216
Exploits 1 · References 3
OSV
added 2024/07/19 11:8 a.m. · 3 views

OESA-2024-1866 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 20.2.2 Release: 4 Summary: A...

CVSS 6.5 · AI score 6.7 · EPSS 0.00216
Exploits 1 · References 3
RustSec
added 2024/07/18 12:0 p.m. · 4 views

Ambiguous challenge derivation

Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to a security vulnerability; however, it's unknown if it could be exploited...

AI score 7.2
Exploits 0 · Affected Software 1
RustSec
added 2024/07/18 12:0 p.m. · 5 views

Ambiguous challenge derivation

Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to a security vulnerability; however, it's unknown if it could be exploited...

AI score 7.2
Exploits 0 · Affected Software 1
Positive Technologies
added 2024/07/18 12:0 a.m. · 2 views

PT-2024-40937 · Crates.Io · Paillier-Zk

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue concerns challenge derivation in non-interactive Zero-Knowledge ZK proofs, which was ambiguous and could potentially lead to a security issue. However, it is unknown if this...

AI score 7
Exploits 0 · References 4
Tenable Nessus
added 2024/06/22 12:0 a.m. · 26 views

RHEL 6 : quarkus-core (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - quarkus-core: Leak of local configuration properties into Quarkus applications CVE-2024-2700 Note that Nessus has n...

CVSS 7 · AI score 6.8 · EPSS 0.00044
Exploits 0 · References 1
CVE
added 2024/06/18 9:0 p.m. · 48 views

CVE-2024-6129

CVE-2024-6129 affects spa-cartcms 1.9.0.6, specifically the Username Handler component’s /login function where manipulating the email argument causes observable behavior differences. All connected sources confirm remote exposure with high attack complexity and a disclosed exploit; exploitation st...

CVSS 6.3 · AI score 4.2 · EPSS 0.00241
Exploits 1 · References 4 · Affected Software 1
ATTACKERKB
added 2024/06/06 12:0 a.m. · 24 views

CVE-2024-28995

SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. Recent assessments: sfewer-r7 at June 13, 2024 9:17am UTC reported: Based upon our Rapid7 Analysis, I have rated the attacker value of this vulnerability...

CVSS 8.6 · AI score 8 · EPSS 0.94396
In wild · Exploits 8 · References 3
Tenable Nessus
added 2024/06/03 12:0 a.m. · 19 views

RHEL 9 : nautilus (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nautilus: NULL pointer dereference via pasting crafted zip file CVE-2022-37290 Note that Nessus has not tested for...

CVSS 5.5 · AI score 5.6 · EPSS 0.00039
Exploits 1 · References 1