440 matches found
RHEL 8 : subversion:1.10 (RHSA-2021:0507)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0507 advisory. Subversion SVN is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of fil...
CVE-2018-19418
Foxit PDF ActiveX before 5.5.1 allows remote code execution via command injection because of the lack of a security permission control...
Missing Security UI
Firefox is missing security UI. It was possible to cause the browser to enter fullscreen mode without displaying the security UI, thus making it possible to attempt a phishing attack or otherwise confuse the user...
Amazon Linux AMI : curl (ALAS-2020-1444)
The version of curl installed on the remote host is prior to 7.61.1-12.95. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1444 advisory. A flaw was found in libcurl from versions 7.29.0 through 7.71.1. An application that performs multiple requests with libcurl's mul...
EulerOS Virtualization 3.0.6.6 : cups (EulerOS-SA-2020-2464)
According to the version of the cups packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability: - heap based buffer overflow in libcups's ppdFindOption in ppd-mark.c (CVE-2020-3898) Note that Tenable Network Security has extracted the...
Fedora 33 : 2:samba (2020-c1e9ae02d2)
Update to Samba 4.13.1 - Security fixes for CVE-2020-14318, CVE-2020-14323 and CVE-2020-14383 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
Photon OS 2.0: Gnutls PHSA-2020-2.0-0288
An update of the gnutls package has been released. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0288. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description) script_id(14144...
CVE-2019-4326
"HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header."...
Information disclosure
IBM Security Guardium 10.5, 10.6, and 11.0 could allow an unauthorized user to obtain sensitive information due to missing security controls. IBM X-Force ID: 141226...
CVE-2018-1501
IBM Security Guardium 10.5, 10.6, and 11.0 could allow an unauthorized user to obtain sensitive information due to missing security controls. IBM X-Force ID: 141226...
CVE-2020-19883
DBHcms v1.2.0 has a stored XSS vulnerability as there is no security filter in dbhcms\mod\mod.users.view.php line 57 for userlogin. A remote user authenticated as admin can exploit this vulnerability to hijack other users...
Amazon Linux 2 : python, python3 (ALAS-2020-1471)
The version of python installed on the remote host is prior to 2.7.18-1. The version of python3 installed on the remote host is prior to 3.7.8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1471 advisory. 2023-10-25: CVE-2022-48560 was added to this...
Amazon Linux AMI : doxygen (ALAS-2020-1412)
The version of doxygen installed on the remote host is prior to 1.8.5-4.14. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1412 advisory. Insufficient sanitization of the query parameter in templates/html/searchopensearch.php could lead to reflected cross-site...
Fedora 31 : libarchive (2020-d8278fe24d)
The remote Fedora 31 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2020-d8278fe24d advisory. Rebase to version 3.4.3 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Photon OS 2.0: Openldap PHSA-2020-2.0-0242
An update of the openldap package has been released. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0242. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description)...
Photon OS 2.0: Glibc PHSA-2020-2.0-0242
An update of the glibc package has been released. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0242. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description) script_id(136569...
Photon OS 3.0: Elasticsearch PHSA-2020-3.0-0088
An update of the elasticsearch package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0088. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description) script_id(136577);...
Oracle Linux 8 : git (ELSA-2020-1980)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1980 advisory. 2.18.4-2 - Update to release 2.18.4 - Resolves: CVE-2020-11008 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Oracle Linux 6 : krb5-appl (ELSA-2020-1349)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1349 advisory. - Fix CVE-2020-10188 netclear/nextitem buffer overrun Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...
Fedora 31 : php-robrichards-xmlseclibs1 (2020-46d0f456a9)
1.4.3 12, Nov 2019 Security Improvements: - Ensure only a single SignedInfo element exists within a signature during verification. Refs CVE-2019-3465. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...