How to Collect Logs from Veeam Appliance Installer

Purpose This article documents how to collect logs from the installer for the Software Appliances included with Veeam Backup & Replication 13 Veeam Software Appliance, Veeam Infrastructure Appliance, and Veeam Hardened Repository Appliance. This procedure may be required if an installation-relate...

EUVD-2018-7629

Malware in sbrugna...

EUVD-2022-50995

Malicious code in bioql PyPI...

Fixed in Apache Tomcat 9.0.106

Moderate: Session fixation possible via rewrite valve CVE-2025-55668 If the rewrite valve was enabled for a web application, an attacker was able to craft a URL that, if a victim clicked on it, would cause the victim's interaction with that resource to occur in the context of the attacker's...

CVE-2024-25140

A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under Trusted Root Certification Authorities with Enhanced Key Usage of Code Signing 1.3.6.1.5.5.7.3.3, valid from 2023 until 2033. This is potentially unwanted, e.g., because there is no public documentation of...

April 8, 2025—KB5055557 (Monthly Rollup)

April 8, 2025—KB5055557 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU only...

CVE-2024-27294

dp-golang is a Puppet module for Go installations. Prior to 1.2.7, dp-golang could install files — including the compiler binary — with the wrong ownership when Puppet was run as root and the installed package was On macOS: Go version 1.4.3 through 1.21rc3, inclusive,...

Fedora 41 : moodle (2024-ddb5f7c0a3)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-ddb5f7c0a3 advisory. Multiple CVE fixes. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...

Cisco Unified Computing System Command Injection (CVE-2017-12341)

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation during the...

Fedora 40 : mingw-glib2 (2024-1e29ad7d25)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-1e29ad7d25 advisory. Update to 2.82.2, fixes CVE-2024-52533. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...

VDA 2402 LTSR Features are not shown as installed when you attempt to change the VDA installation

You may not see the below features selected or installed after you attempt to change or modify the VDA installation from Control panel Use Windows Remote Assistance Use Real-Time Audio Transport Use Screen Sharing Is this VDA installed on VM in the Cloud...

Citrix DAAS Cloud Connector

Introduction This article is a summary of the support articles and documentation related to the most common customer issues for Citrix DAAS Cloud connector. Overview of the Issue The Citrix Cloud Connector serves as a channel for communication between Citrix Cloud and your resource locations...

XenServer VM Tools

Introduction Instances where XenServer encounters various errors while installing XenServer VM tools Overview of the Issue In different situations, XenServer has some issues when installing VM tools, possibly due to various factors. This article will outline different scenarios and potential...

Internal Error 2869 when Installing Hotfixes on XenApp 6.x

Errors occur when installing hotfixes on a XenApp 6.0 server usingthe manual method. The manual installation method included: Right-clicking on the .msp hotfix package and selecting Apply Double-clicking on the .msp hotfix package The errordisplayed is a message box with the following dialog:...

CVE-2024-4403

A Cross-Site Request Forgery CSRF vulnerability exists in the restartprogram function of the parisneo/lollms-webui v9.6. This vulnerability allows attackers to trick users into performing unintended actions, such as resetting the program without their knowledge, by sending specially crafted CSRF...

How to verify downloaded ISO images

This article contains information about checking the integrity of the downloaded ISO image before burning it to a media. Corrupted ISO images can lead to problems during installation. Therefore, it is a good practice to check the integrity of the downloaded ISO image...

SUSE: Security Advisory (SUSE-SU-2023:2578-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-48295

The IHwAntiMalPlugin interface lacks permission verification. Successful exploitation of this vulnerability can lead to filling problems batch installation of applications...

SUSE-SU-2022:0861-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: openssl-11: - CVE-2022-0778: Infinite loop in BNmodsqrt reachable when parsing certificates bsc1196877. - Fix PAC pointer authentication in ARM bsc1195856 - Pull libopenssl-11 when updating openssl-11 with the same version bsc1195792 - FIPS:...

July 6, 2021 Security Update (KB5004961) Out-of-band

July 6, 2021 Security Update KB5004961 Out-of-band Improvements and fixes This security update includes quality improvements. Key changes include: Addresses a remote code execution exploit in the Windows Print Spooler service, known as “PrintNightmare”, as documented in CVE-2021-34527. After...