GStreamer Installed (macOS)

Binary data macosgstreamerinstalled.nbin...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libblockdev (SUSE-SU-2025:02044-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02044-1 advisory. - CVE-2025-6019: Suppress privilege escalation during xfs fs resize bsc1243285. Tenable has extracted th...

Fortinet FortiWeb Directory Traversal (FG-IR-24-474)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-474 advisory. - An Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability CWE-22 in FortiWeb version 7.6...

Fedora 40 : ffmpeg (2025-34c88263fe)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-34c88263fe advisory. Backported fix for CVE-2024-12361 . Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has no...

Photon OS 5.0: Linux PHSA-2023-5.0-0032

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0032. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Linux PHSA-2024-4.0-0706

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0706. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Adobe Digital Editions < 3.0 (APSB14-03) (macOS)

The version of Adobe Digital Editions installed on the remote macOS host is prior to 3.0. It is, therefore, affected by a vulnerability as referenced in the APSB14-03 advisory. - Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service memory corruption...

Adobe Digital Editions < 4.5.1 (APSB16-06) (macOS)

The version of Adobe Digital Editions installed on the remote macOS host is prior to 4.5.1. It is, therefore, affected by a vulnerability as referenced in the APSB16-06 advisory. - Adobe Digital Editions before 4.5.1 allows attackers to execute arbitrary code or cause a denial of service memory...

Fedora 39 : python-virtualenv (2024-f7d6b76677)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-f7d6b76677 advisory. - Prevent command injection by quoting template strings in activation scripts Tenable has extracted the preceding description block directly from the Fedora...

CBL Mariner 2.0 Security Update: giflib (CVE-2022-28506)

The version of giflib installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-28506 advisory. - There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB in gif2rgb.c:298:45. CVE-2022-28506...

Qnap QTS Cross-site Scripting (CVE-2017-13072)

Cross-site scripting XSS vulnerability in App Center in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build 20171213, QTS 4.3.4 build 20171223, and their earlier versions could allow remote attackers to inject Javascript code. This plugin only works with Tenable.ot. Please visit...

SUSE Linux Enterprise Server For SAP SEoL (11.4.x)

According to its version, SUSE Linux Enterprise Server For SAP is 11.4.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...

SUSE Linux Enterprise Server For SAP SEoL (12.4.x)

According to its version, SUSE Linux Enterprise Server For SAP is 12.4.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...

Qnap QES Cross-site Scripting (CVE-2020-2503)

If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later. This plugin only works with Tenable.ot. Please visit...

Photon OS 4.0: Redis PHSA-2024-4.0-0700

An update of the redis package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0700. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Qnap Multiple Vulnerabilities in QTS, QuTS hero and QuTScloud (CVE-2023-50358)

Multiple vulnerabilities have been reported to affect several QNAP operating system versions. If exploited, the OS command injection vulnerabilities could allow users to execute commands via a network. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-o...

SUSE Linux Enterprise Server For SAP SEoL (15.0.x)

According to its version, SUSE Linux Enterprise Server For SAP is 15.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...

Qnap QTS Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2017-17027)

A buffer overflow vulnerability in FTP service in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 Beta 2 build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices. This plugin only works with Tenable.ot. Please visit...

Oracle Linux 9 : buildah (ELSA-2024-8112)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8112 advisory. - rebuild to address CVE-2024-34155 CVE-2024-34156 CVE-2024-34158 Tenable has extracted the preceding description block directly from the Oracle Linux...

Slackware Linux 15.0 / current libarchive Vulnerability (SSA:2024-287-01)

The version of libarchive installed on the remote host is prior to 3.7.7. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-287-01 advisory. New libarchive packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding...