CVE-2023-20774

In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07292228; Issue ID: ALPS07292228...

Oracle Access Manager Multiple Vulnerabilities (Apr 2023 CPU)

The version of Oracle Access Manager installed on the remote host is missing a security patch from the April 2023 CPU Advisory. It is, therefore, affected by multiple vulnerabilities: - Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware component: Third Party Jython. T...

CVE-2023-20657

In mtee, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571485; Issue ID: ALPS07571485...

AIX (IJ41685)

The version of AIX installed on the remote host is prior to APAR IJ41685. It is, therefore, affected by a vulnerability as referenced in the IJ41685 advisory. - IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to obtain root...

Solaris 10 (sparc) : 153091-01

SunOS 5.10: a2ps patch. Date this patch was last updated by Sun : Jul/18/22 %NASLMINLEVEL 80900 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description scriptid172378; scriptversion"1.0";...

Solaris 10 (sparc) : 148419-04

SunOS 5.10: nssdns patch. Date this patch was last updated by Sun : Jan/16/23 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include"compat.inc"; if description...

CVE-2023-20604

In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494067; Issue ID: ALPS07494067...

QNAP QTS / QuTS hero Command Injection (QSA-23-01)

The version of QNAP QTS / QuTS hero installed on the remote host is affected by a command injection vulnerability. If exploited, this vulnerability allows remote attackers to inject malicious code. Note that Nessus has not tested for this issue but has instead relied only on the application's...

Oracle Identity Manager (Apr 2022 CPU)

The version of Oracle Identity Manager installed on the remote host is missing a security patch and is, therefore affected by multiple vulnerabilities as referenced in the April 2022 Critical Patch UpdateCPU advisory. - Vulnerability in the Oracle Identity Management Suite product of Oracle Fusio...

AIX 7.2 TL 5 : bind (IJ33279)

https://vulners.com/cve/CVE-2021-25215 https://vulners.com/cve/CVE-2021-25215 ISC BIND is vulnerable to a denial of service, caused by an assertion failure while answering queries for DNAME records. By sending a query for DNAME records, an attacker could exploit this vulnerability to trigger a...

AIX 7.1 TL 5 : trace (IJ32940)

IBM AIX could allow a non-privileged local user to exploit a vulnerability in the trace facility to expose sensitive information or cause a denial of service. CVE-2021-29706 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text in the description was extracted from AIX Security Advisory...

Juniper Junos OS Vulnerability (JSA11151)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11151 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable Network Security, Inc...

Cisco Nexus 9000 ACI Mode Shell Escape Vulnerability (cisco-sa-20190306-aci-shell-escape)

A shell escape / privilege escalation vulnerability exists in ACI Mode due to insufficient sanitization of user-supplied input. Therefore, an authenticated, remote attacker can exploit this, via a specifically crafted CLI command, to escape the ACI shell and gain root access to the system. Please...

Oracle WebCenter Portal Multiple Vulnerabilities (Apr 2020 CPU)

Binary data oraclewebcenterportalcpuapr2020.nbin...

Cisco Nexus 1000V Switch for VMware vSphere Secure Login Enhancements Denial of Service Vulnerability

A denial of service DoS vulnerability exists in Cisco Nexus 1000V Switch due to issues with the Secure Login Enhancements. An unauthenticated, remote attacker can exploit this issue, via overloading the login system, to cause the system to stop responding. Please see the included Cisco BIDs and...

Oracle Secure Global Desktop Multiple Vulnerabilities (January 2020 CPU)

The version of Oracle Secure Global Desktop installed on the remote host is missing a security patch from the January 2020 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability exists in the Core Apache Axis component. An...

Solaris 10 (sparc) : 143725-12

SunOS 5.10: SunFreeware ntp patch. Date this patch was last updated by Sun : Apr/15/19 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description scriptid124073; scriptversion"1.2"; scriptcvsdate"Date...

CVE-2017-15101

A missing patch for a stack-based buffer overflow in findTable was found in Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of service condition or potentially even arbitrary code execution...

CVE-2017-15101

CVE-2017-15101 affects the liblouis library. A stack-based overflow in the findTable() function was not patched prior to version 2.5.4 on Red Hat platforms, enabling potential denial of service and possibly arbitrary code execution. Connected sources corroborate affected packages (Red Hat libloui...

Oracle Tuxedo Multiple Vulnerabilities (July 2018 CPU)

The version of Oracle Tuxedo installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid111164;...