EspoCRM Security Vulnerability
EspoCRM is an open source web-based customer relationship management (CRM) system. The system provides features such as sales automation, community and customer support. A security vulnerability exists in EspoCRM version 7.1.8 that stems from the presence of a missing security flag that allows...
RHEL 9 : thunderbird (RHSA-2022:4772)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4772 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.9.1. Security Fixes: Mozilla:...
CVE-2022-2381
The E Unlocked - Student Result WordPress plugin through 1.0.4 is lacking CSRF and validation when uploading the School logo, which could allow attackers to make a logged in admin upload arbitrary files, such as PHP via a CSRF attack...
SUSE SLES12 Security Update : crash (SUSE-SU-2022:2319-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2319-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable, Inc...
RHEL 8 : squid:4 (RHSA-2022:5528)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5528 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: DoS when...
RHEL 9 : libxml2 (RHSA-2022:5250)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5250 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: integer overflows in...
CVE-2022-27220
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.0 SP2. Affected application is missing general HTTP security headers in the web server configured on port 6220. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks...
Siemens SINEMA Remote Connect Server Security Feature Issue Vulnerability
SINEMA Remote Connect is a remote network management platform that makes it easy to manage tunneled connections (VPNs) between headquarters, service technicians, and installed machines or plants. A standard security check implementation error vulnerability exists in Siemens SINEMA Remote Connect...
Security Updates for Microsoft Word Products C2R (July 2021)
The Microsoft Word Products are missing security updates. They are, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for this issue but has instead relie...
Security Feature Bypass Vulnerability for Microsoft Excel Products C2R (June 2020)
The Microsoft Excel Products are missing a security update and are therefore affected by a security feature bypass vulnerability. An attacker who exploited this vulnerability could cause a system to load remote images which could disclose the IP address of the targeted system to the attacker. C...
RHEL 8 : postgresql:13 (RHSA-2022:4857)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4857 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). The following packages have been upgraded to a later upstream version:...
Oracle Linux 8 : qt5-qtbase (ELSA-2022-1796)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-1796 advisory. 5.15.2-4 - Fix out-of-bounds write in QOutlineMapper::convertPath Resolves: bz1996877 Tenable has extracted the preceding description block directly from the...
Rocky Linux 8 : .NET Core 3.1 (RLSA-2022:2202)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:2202 advisory. - .NET and Visual Studio Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-23267, CVE-2022-29145. CVE-2022-29117 Note that Nessus has not test...
CVE-2022-25755
A vulnerability has been identified in SCALANCE X302-7 EEC 230V, SCALANCE X302-7 EEC 230V, coated, SCALANCE X302-7 EEC 24V, SCALANCE X302-7 EEC 24V, coated, SCALANCE X302-7 EEC 2x 230V, SCALANCE X302-7 EEC 2x 230V, coated, SCALANCE X302-7 EEC 2x 24V, SCALANCE X302-7 EEC 2x 24V, coated, SCALANCE...
RHEL 8 : httpd:2.4 (RHSA-2022:1080)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1080 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Errors encountered during...
IBM Guardium Data Encryption Security Vulnerability
IBM Guardium Data Encryption (GDE) is a software application from IBM, USA. It provides a data security and compliance solution. An information disclosure vulnerability exists in IBM Guardium Data Encryption that stems from a failure to properly enable HTTP Strict Transport Security, which can be...
UBUNTU-CVE-2021-45289
A vulnerability exists in GPAC 1.0.1 due to an omission of security-relevant Information, which could cause a Denial of Service. The program terminates with signal SIGKILL...
PT-2021-24223 · Gpac · Gpac
Name of the Vulnerable Software and Affected Versions: GPAC version 1.0.1 Description: A vulnerability exists due to an omission of security-relevant information, which could cause a Denial of Service. The program terminates with signal SIGKILL. Recommendations: For GPAC version 1.0.1, at the...
JetBrains TeamCity has an unspecified vulnerability (CNVD-2022-09216)
JetBrains TeamCity is a distributed build management and continuous integration tool from Czech company JetBrains. The tool provides continuous unit testing, code quality analysis, and build issue analysis reporting. JetBrains TeamCity has a security vulnerability that stems from a missi...
RHEL 8 : mailman:2.1 (RHSA-2021:4838)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4838 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks...