776 matches found

Tenable Nessus
added 2021/04/29 12:0 a.m. | 68 views

F5 Networks BIG-IP : cURL vulnerability (K41523201)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4.1 / 14.1.4.2 / 15.1.4 / 16.0.1.2 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K41523201 advisory. Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to...

CVSS 9.8 | AI score 7.3 | EPSS 0.08332
Exploits 0 | References 2

OSV
added 2021/04/27 6:15 a.m. | 1 view

UBUNTU-CVE-2019-25034

Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...

CVSS 9.8 | AI score 7.3 | EPSS 0.00738
Exploits 0 | References 4

Tenable Nessus
added 2021/04/26 12:0 a.m. | 58 views

Google Chrome < 90.0.4430.93 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 90.0.4430.93. It is, therefore, affected by multiple vulnerabilities as referenced in the 202104stable-channel-update-for-desktop26 advisory. - Heap buffer overflow in ANGLE in Google Chrome on Windows prior to...

CVSS 8.8 | AI score 7.5 | EPSS 0.04845
Exploits 0 | References 15

Tenable Nessus
added 2021/04/16 12:0 a.m. | 21 views

Fedora 32 : python39 (2021-a311bf10d4)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-a311bf10d4 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. (C) Tenable Network...

CVSS 5.7 | AI score 7.4 | EPSS 0.00081
Exploits 0 | References 2

Tenable Nessus
added 2021/04/16 12:0 a.m. | 23 views

Fedora 33 : xorg-x11-server (2021-139f3fc21c)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-139f3fc21c advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. (C) Tenable Network...

CVSS 7.8 | AI score 7.6 | EPSS 0.00081
Exploits 0 | References 2

Tenable Nessus
added 2021/04/15 12:0 a.m. | 38 views

Juniper Junos OS Vulnerability (JSA11159)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11159 advisory. Note: Nessus found J-Web enabled set system services web-management https on this device. TRUSTED...

CVSS 9.3 | AI score 7.4 | EPSS 0.00268
Exploits 0 | References 2

Tenable Nessus
added 2021/04/15 12:0 a.m. | 31 views

Juniper Junos OS Vulnerability (JSA11136)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11136 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. (C) Tenable Network Security, Inc...

CVSS 4.7 | AI score 5.3 | EPSS 0.00078
Exploits 0 | References 2

Tenable Nessus
added 2021/04/15 12:0 a.m. | 27 views

Juniper Junos OS Vulnerability (JSA11166)

The version of Junos OS installed on the remote host is affected by a vulnerability XSS in J-Web as referenced in the JSA11166 advisory. Note: Nessus found J-Web enabled set system services web-management https on this device. TRUSTED...

CVSS 9.3 | AI score 7.4 | EPSS 0.00531
Exploits 0 | References 2

Tenable Nessus
added 2021/04/15 12:0 a.m. | 26 views

Juniper Junos OS Vulnerability (JSA11152)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11152 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. (C) Tenable Network Security, Inc...

CVSS 7.5 | AI score 7.5 | EPSS 0.00438
Exploits 0 | References 2

Krebs on Security
added 2021/04/13 11:12 p.m. | 88 views

Microsoft Patch Tuesday, April 2021 Edition

Microsoft today released updates to plug at least 110 security holes in its Windows operating systems and other products. The patches include four security fixes for Microsoft Exchange Server -- the same systems that have been besieged by attacks on four separate and zero-day bugs in the email...

CVSS 10 | AI score 1.3 | EPSS 0.87144
Exploits 4

Tenable Nessus
added 2021/03/29 12:0 a.m. | 31 views

Fedora 33 : xen (2021-0b784a4d02)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-0b784a4d02 advisory. - HVM soft-reset crashes toolstack XSA-368 CVE-2021-28687 - HVM soft-reset crashes toolstack XSA-368 fedora-all CVE-2021-28687 Note that Nessus has...

CVSS 5.5 | AI score 7.3 | EPSS 0.00045
Exploits 0 | References 2

ATTACKERKB
added 2021/03/11 12:0 a.m. | 50 views

CVE-2021-26897

Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895. Recent assessments: architect00 at April 14, 2021 6:08am UTC reported: Vulnerability Overview 0patch released a blog article about their micro patch...

CVSS 10 | AI score 1.1 | EPSS 0.10984
Exploits 0 | References 2

Tenable Nessus
added 2021/02/25 12:0 a.m. | 45 views

Fedora 33 : dotnet3.1 (2021-c3d7fc8949)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-c3d7fc8949 advisory. - .NET Core and Visual Studio Denial of Service Vulnerability CVE-2021-1721 - .NET Core Remote Code Execution Vulnerability This CVE ID is unique fr...

CVSS 9.8 | AI score 8.3 | EPSS 0.09338
Exploits 0 | References 3

Rapid7 Blog
added 2021/02/03 11:33 p.m. | 58 views

SonicWall SNWLID-2021-0001 Zero-Day and SolarWinds’ 2021 CVE Trifecta: What You Need to Know

Not content with the beating it laid down in January, 2021 continues to deliver with an unpatched zero-day exposure in some SonicWall appliances and three moderate-to-critical CVEs in SolarWinds software. We dig into the details below. Urgent mitigations required for SonicWall SMA 100 Series...

CVSS 10 | AI score 9.3 | EPSS 0.44301
Exploits 2

Tenable Nessus
added 2021/01/13 12:0 a.m. | 38 views

Cisco Webex Teams Shared File Manipulation Vulnerability (cisco-sa-webex-teams-7ZMcXG99)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cisco-sa-webex-teams-7ZMcXG99 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's...

CVSS 4.3 | AI score 6 | EPSS 0.00373
Exploits 0 | References 3

Information Security Automation
added 2021/01/11 1:50 a.m. | 288 views

Vulristics Vulnerability Score, Automated Data Collection and Microsoft Patch Tuesdays Q4 2020

In this episode I would like to make a status update of my Vulristics project. For those who don't know, in this project I retrieve publicly available vulnerability data and analyze it to better understand the severity of these vulnerabilities and better prioritize them. Currently, it is mainly...

CVSS 10 | AI score 0.9 | EPSS 0.9438
Exploits 105

WPVulnDB
added 2021/01/06 12:0 a.m. | 12 views

WP24 Domain Check < 1.6.3 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin version 1.6.2 and possibly below, was vulnerable to Stored Cross-Site Scripting (XSS) in the plugin's fieldnameDomain settings parameter. The form did require a valid CSRF nonce, limiting the exploitability of the vulnerability. PoC: In the plugin's advanced settings...

AI score 2.4
Exploits 0 | References 1 | Affected Software 1

Prion
added 2021/01/01 2:15 a.m. | 12 views

Deserialization of untrusted data

Insecure Deserialization in the Newsletter plugin before 6.8.2 for WordPress allows authenticated remote attackers with minimal privileges (such as subscribers) to use the tpnc_render AJAX action to inject arbitrary PHP objects via the options[inline_edits] parameter. NOTE: exploitability depends on PH...

CVSS 6 | AI score 8.7 | EPSS 0.0098
Exploits 1 | References 1 | Affected Software 1

Cvelist
added 2021/01/01 1:24 a.m. | 11 views

CVE-2020-35932

Insecure Deserialization in the Newsletter plugin before 6.8.2 for WordPress allows authenticated remote attackers with minimal privileges (such as subscribers) to use the tpnc_render AJAX action to inject arbitrary PHP objects via the options[inline_edits] parameter. NOTE: exploitability depends on PH...

CVSS 7.5 | AI score 8.8 | EPSS 0.0098
Exploits 1 | References 1

Tenable Nessus
added 2020/12/21 12:0 a.m. | 30 views

Debian DSA-4817-1 : php-pear - security update

Two vulnerabilities were discovered in the PEAR Archive_Tar package for handling tar files in PHP, potentially allowing a remote attacker to execute arbitrary code or overwrite files. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

CVSS 7.8 | AI score 8.1 | EPSS 0.93364
Exploits 5 | References 6