RHEL 8 : gcc (RHSA-2021:4386)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4386 advisory. The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fixes:...

Mozilla Firefox Security Advisory (MFSA2012-105) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Mozilla Firefox Security Advisory (MFSA2013-21) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

openSUSE 15 Security Update : nodejs8 (openSUSE-SU-2021:3294-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:3294-1 advisory. - nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22930 Note that Nessus has not tested for this issue but has instead relied onl...

Security Bulletin: IBM Security Guardium is affected by a Missing Security Control vulnerability

Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2018-1501 DESCRIPTION: IBM Security Guardium EcoSystem could allow an unauthorized user to obtain sensitive information due to missing security controls. CVSS Base score: 5.3 CVSS Temporal Score: See:...

Photon OS 2.0: Curl PHSA-2021-2.0-0392

An update of the curl package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-2.0-0392. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc...

Security Updates for Microsoft Dynamics 365 (on-premises) (September 2021)

The Microsoft Dynamics 365 on-premises is missing a security update. It is, therefore, affected by the following vulnerability: - A cross-site scripting XSS vulnerability exists due to improper validation of user-supplied input before returning it to users. An attacker can exploit this by...

Photon OS 4.0: Cpio PHSA-2021-4.0-0089

An update of the cpio package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-4.0-0089. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc...

RHEL 8 : cloud-init (RHSA-2021:3081)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:3081 advisory. The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to...

RHEL 7 : rh-varnish6-varnish (RHSA-2021:2993)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2993 advisory. Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and ov...

WordPress plugin LMS 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. WordPress LMS Plugin has a security...

Security Bulletin: IBM i2 Analyze missing security header (CVE-2021-29769)

Summary Some secure header options were missing in communication with the i2 Analyze server. Vulnerability Details CVEID: CVE-2021-29769 DESCRIPTION: IBM i2 Analyst's Notebook Premium does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the...

OracleVM 3.4 : kernel-uek (OVMSA-2021-0022)

The remote OracleVM system is missing necessary patches to address security updates: - Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access. CVE-2020-12352 - An issue was discovered in the Linux kernel before 5.8.1...

SUSE SLES12 Security Update : ovmf (SUSE-SU-2021:2119-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2119-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...

Photon OS 1.0: Zeromq PHSA-2021-1.0-0403

An update of the zeromq package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-1.0-0403. The text itself is copyright C VMware, Inc...

CVE-2020-26516

A CSRF issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. Requests sent to the server that trigger actions do not contain a CSRF token and can therefore be entirely predicted allowing attackers to cause the victim's browser to execute undesired actions in the web application...

CVE-2020-4732

IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to obtain sensitive information due to lack of security restrictions. IBM X-Force ID: 188126...

Photon OS 3.0: Python PHSA-2021-3.0-0239

An update of the python package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0239. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

RHEL 7 : bind (RHSA-2021:1475)

"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1475 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...

RHEL 7 : bind (RHSA-2021:0693)

"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0693 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named C Tenable, Inc...