Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2023-1809)

The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.252.b09-2.51. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1809 advisory. Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting...

CVE-2023-24515 Server side request forgery in api checker

Server-Side Request Forgery SSRF vulnerability in API checker of Pandora FMS. Application does not have a check on the URL scheme used while retrieving API URL. Rather than validating the http/https scheme, the application allows other scheme such as file, which could allow a malicious user to...

How to get Odata to work on Https or on port 443 after binding a certificate.

When trying to fetch the Odata API on 443 and it is getting error : HTTP 404 Page not found. Or If the address using which the Odata API is fetched is in HTTP and unable to change it to HTTPS after binding the certificate...

Adding ADC instance on ADM failed with error - Added unlicensed * that requires HTTPS connection

Adding NetScaler instance on ADM failed with error - Added unlicensed that requires HTTPS connection...

Google Chrome's New Feature Alerts Users About Auto-Removal of Malicious Extensions

Google has announced plans to add a new feature in the upcoming version of its Chrome web browser to proactively alert users when an extension they have installed has been removed from the Chrome Web Store. The feature, set for release alongside Chrome 117, allows users to be notified when an...

Oracle Linux 8 : python-requests (ELSA-2023-4520)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-4520 advisory. 2.20.0-3 - Fix Unintended leak of Proxy-Authorization header CVE-2023-32681 Tenable has extracted the preceding description block directly from the Oracle Linux...

How to configure Responder policy to redirect http request to https

This article provide a Responder policy sample to achieve of redirecting http traffic to https for Content Switching Virtual Server with Responder policy in NetScaler. Policy is both applicable for http/ssl type Load balance virtual server...

Cloudflare Tunnel increasingly abused by cybercriminals

Cloudflare Tunnel provides you with a secure way to connect your resources to Cloudflare without a publicly routable IP address. Cybercriminals are increasingly using this service to keep their activities from being detected. Cloudflare Tunnel, also known by its executable name, Cloudflared,...

AlmaLinux 8 : python-requests (ALSA-2023:4520)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:4520 advisory. - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2578)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python-requests (EulerOS-SA-2023-2597)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : python-requests (EulerOS-SA-2023-2627)

According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when...

firefox security update

102.14.0-1.0.1 - Updated homepages to use https Orabug: 34648274 102.14.0-1 - Update to 102.14.0 build1...

firefox security update

102.14.0-1.0.1 - Updated homepages to use https Orabug: 34648274 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.14.0-1 - Update to 102.14.0 build1...

OSX Meterpreter, Reverse HTTPS Inline

Run the Meterpreter / Mettle server payload stageless Module Options msf use payload/osx/aarch64/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show and set...

Moxa EDS-G516E and EDS-510E Series Ethernet Switches Weak Password Requirements (CVE-2020-6991)

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak password requirements may allow an attacker to gain access using brute force. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Moxa EDS-G516E and EDS-510E Series Ethernet Switches Use of a Broken or Risky Cryptographic Algorithm (CVE-2020-7001)

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Moxa MGate Protocol Gateways Cleartext Transmission of Sensitive Information (CVE-2021-4161)

The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. This could give an attacker admin rights through the HTTP web server. This plugin only works with Tenable.ot. Please visit...

EulerOS Virtualization 2.10.1 : perl (EulerOS-SA-2023-2547)

According to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CVE-2023-31484 Note that Tenable...

AlmaLinux 9 : python-requests (ALSA-2023:4350)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4350 advisory. - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS...