MiracleLinux 8 : squid:4 (AXSA:2024-7336:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7336:01 advisory. squid: Denial of Service in HTTP Digest Authentication CVE-2023-46847 squid: Request/Response smuggling in HTTP/1.1 and ICAP CVE-2023-46846 Tenable...

MiracleLinux 9 : squid-5.5-5.el9.1 (AXSA:2023-6560:03)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6560:03 advisory. SQUID-2023:3 squid: Denial of Service in HTTP Digest Authentication CVE-2023-46847 SQUID-2023:1 squid: Request/Response smuggling in HTTP/1.1 and IC...

EUVD-2020-7675

Malware in sbrugna...

EUVD-2010-0581

Malware in sbrugna...

EUVD-2022-1939

Malicious code in bioql PyPI...

EUVD-2021-28629

Malicious code in bioql PyPI...

EUVD-2022-4133

Malicious code in bioql PyPI...

EUVD-2022-4937

Malicious code in bioql PyPI...

EUVD-2022-3341

Malicious code in bioql PyPI...

CVE-2024-4772

An HTTP digest authentication nonce value was generated using rand which could lead to predictable values. This vulnerability affects Firefox 126...

CVE-2021-41615

websda.c in GoAhead WebServer 2.1.8 has insufficient nonce entropy because the nonce calculation relies on the hardcoded onceuponatimeinparadise value, which does not follow the secret-data guideline for HTTP Digest Access Authentication in RFC 7616 section 3.3 or RFC 2617 section 3.2.1. NOTE:...

Linux Distros Unpatched Vulnerability : CVE-2018-1312

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated...

Moderate: Red Hat Security Advisory: php:7.4 security update

An update for the php:7.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

ALSA-2024:10952 Moderate: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing error check and insufficient random bytes in...

Moderate: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing error check and insufficient random bytes in...

Advisory ROSA-SA-2024-2477

software: squid 5.9 WASP: ROSA-CHROME packageevrstring: squid-5.9-2 CVE-ID: CVE-2023-46724 BDU-ID: 2023-07699 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Squid proxy server is related to errors in SSL/TLS certificate validation. Exploitation of the vulnerability could allow an attacker actin...

Intel AMT Digest Authentication Bypass Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Intel AMT Digest Authentication Bypass Scanner', 'Description' = %q This module scans for Intel Active Management Technology endpoints and attemp...

Fedora 40 : firefox (2024-eabe68b149)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-eabe68b149 advisory. - new upstream update 126.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...

Fedora 39 : firefox (2024-a2c6c8afa9)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-a2c6c8afa9 advisory. - new upstream update 126.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...

CVE-2024-4772

An HTTP digest authentication nonce value was generated using rand which could lead to predictable values. This vulnerability affects Firefox 126...