57 matches found
Photon OS 4.0: Bcc PHSA-2025-4.0-0729
An update of the bcc package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0729. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid21349...
Fedora 41 : libdigidocpp (2024-f474f99541)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-f474f99541 advisory. - Upstream release of libdigidocpp Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
CVE-2023-32300
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Yoast Yoast SEO: Local plugin = 14.8 versions...
CVE-2023-32300
CVE-2023-32300 affects WordPress Yoast SEO Local plugin versions ≤14.8. The vulnerability is unauthenticated reflected cross-site scripting (XSS) in Local input handling, with potential impact to confidentiality and integrity but not availability per the cited metrics. Remediation is to upgrade t...
CVE-2023-32300 WordPress Yoast SEO: Local Plugin <= 14.8 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Yoast Yoast SEO: Local plugin = 14.8 versions...
CVE-2023-28785
CVE-2023-28785: A Stored XSS vulnerability affects WordPress Yoast SEO Local plugin versions up to 14.9. The issue is triggered by contributors or higher privileges and is addressed in version 15.0. Public details in Patchstack specify vulnerable versions
CVE-2023-28785 WordPress Yoast SEO: Local Plugin <= 14.9 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Yoast Yoast SEO: Local plugin = 14.9 versions...
WordPress Yoast SEO: Local Plugin <= 14.9 is vulnerable to Cross Site Scripting (XSS)
Software Yoast SEO: Local Type Plugin Vulnerable versions = 14.9 Fixed in 15.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28785 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 24eda6213577 Credits Rafie Muhammad Patchstac...
WordPress Yoast SEO: Local Plugin <= 14.8 is vulnerable to Cross Site Request Forgery (CSRF)
Software Yoast SEO: Local Type Plugin Vulnerable versions = 14.8 Fixed in 14.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-28780 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID be756eabdc07 Credits Rafie Muhammad...
WordPress Yoast SEO: Local Plugin <= 14.8 is vulnerable to Cross Site Scripting (XSS)
Software Yoast SEO: Local Type Plugin Vulnerable versions = 14.8 Fixed in 14.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32300 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 28e5acd1438d Credits Rafie Muhammad...
RHEL 8 : samba (RHSA-2023:0638)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0638 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allo...
Magix CMS Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...
Solaris 5.6 (x86) : 111963-04
Solstice Backup 6.1x86: Product Patch. Date this patch was last updated by Sun : Jan/06/04 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...
Debian DSA-103-1 : glibc - buffer overflow
A buffer overflow has been found in the globbing code for glibc. This is the code which is used to glob patterns for filenames and is commonly used in applications like shells and FTP servers. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
Mandrake Linux Security Advisory : webmin (MDKSA-2001:059)
Recently, Caldera found that when webmin starts a system daemon from the web frontend it does not clear its environment variables. Since these variables contain the authorization of the administrator, any daemon would also get these variables. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Fedora Core 1 : abiword-2.0.1-2 (2004-224)
security update Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Network...
Microsoft Windows SMB Registry : NT4 Service Pack Version Detection
Nessus was able to determine the Service Pack version of the Windows NT system by reading the following registry key : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\CSDVersion C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10401; scriptversion"1.56";...