40 matches found
Exploit for CVE-2026-42945
NGINX CVE-2026-42945 Local Checker This repository provides t...
CVE-2026-6213
A vulnerability in Remote Spark SparkView before build 1122 allows an attacker to bypass the local connection check and achieve arbitrary code execution as root on the server side. Depending on implementation the vulnerability can be exploited by an unauthenticated attacker...
PT-2026-38902
Name of the Vulnerable Software and Affected Versions: Remote Spark SparkView versions prior to build 1122 Description: An issue in the local connection check allows an attacker to bypass security restrictions and achieve arbitrary code execution as root on the server side. Depending on the...
PYSEC-2026-122
pyLoad is a free and open-source download manager written in Python. Prior to version 0.5.0b3.dev97, a Host Header Spoofing vulnerability in the @localcheck decorator allows unauthenticated external attackers to bypass local-only restrictions. This grants access to the Click'N'Load API endpoints,...
pyLoad Access Control Error Vulnerability
pyLoad is an open-source download manager written in Python. Versions of pyLoad prior to 0.5.0b3.dev97 contained a security vulnerability related to access control. This vulnerability stemmed from the @localcheck decorator, which allowed for header spoofing by hosts, potentially allowing...
pyLoad Security Vulnerability
pyLoad is an open-source download manager written in Python. There were security vulnerabilities in versions of pyLoad from 0.4.20 to 0.5.0b3.dev97. These vulnerabilities stemmed from the localcheck decorator in the ClickNLoad function, which could be bypassed through HTTP header tricks,...
GHSA-Q485-CG9Q-XQ2R Improper Authentication and Origin Validation Error in pyload-ng
Summary: A Host Header Spoofing vulnerability in the @localcheck decorator allows unauthenticated external attackers to bypass local-only restrictions. This grants access to the Click'N'Load API endpoints, enabling attackers to remotely queue arbitrary downloads, leading to Server-Side Request...
EUVD-2022-55783
In the Linux kernel, the following vulnerability has been resolved: fortify: Fix __compiletime_strlen under UBSAN_BOUNDS_LOCAL. With CONFIG_FORTIFY=y and CONFIG_UBSAN_LOCAL_BOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's CTS android.hardware.input.cts.tests...
VMware Fusion SEoL (7.0.x)
According to its version, VMware Fusion is 7.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
SUSE SLES15 Security Update : strongswan (SUSE-SU-2023:4516-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4516-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
PT-2023-27914 · Gofiber · Gofiber
Name of the Vulnerable Software and Affected Versions: gofiber versions prior to 2.49.2 Description: The issue impacts users who rely on the ctx.IsFromLocal method to restrict access to localhost requests. If exploited, it could allow unauthorized access to resources intended only for localhost...
Debian DSA-5445-1 : gst-plugins-good1.0 - security update
The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5445 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
PT-2023-20628
Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue arises from the code not recognizing IPv4-mapped IPv6 addresses as "local", leading to a connection attempt. This could be exploited by attackers with user account access to bypass...
Malicious code in uhclabs_local_check (npm)
Source: ghsa-malware c9e7f16a1e536eec45bfb40545edcf233dcaffbfc04e562d6e95a83f59f58a71 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Potential Exposure to BPFDoor (Local Check - Linux)
Binary data bpfdoorlocaldetect.nbin...
Photon OS 1.0: Openvswitch PHSA-2021-1.0-0381
An update of the openvswitch package has been released. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-1.0-0381. The text itself is copyright (C) VMware, Inc.
Fedora 28 : dokuwiki (2018-be9f4838dd)
Update to upstream version 2018-04-22a. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solaris 10 (sparc) : 147673-10
SunOS 5.10: Oracle Java Web Console 3.1 Pa. Date this patch was last updated by Sun : Mar/14/15. (C) Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates.
CentOS 6 : kernel (CESA-2018:0169)
The remote CentOS host is missing a security update. (C) Tenable Network Security, Inc. The package checks in this plugin were extracted from CentOS Errata and Security Advisory 2018:0169.