KB5070886: Windows Server 2012R2 WSUS RCE (CVE-2025-59287)

The remote Windows host is missing security update 5070879, which addresses a remote code execution vulnerability in Windows Server Update Services WSUS. This plugin identifies vulnerable systems by performing the following checks: 1. Validates the host is an affected Windows Server instance. 2...

KB5070881: Windows Server 2025 WSUS RCE (CVE-2025-59287)

The remote Windows host is missing security update 5070879, which addresses a remote code execution vulnerability in Windows Server Update Services WSUS. This plugin identifies vulnerable systems by performing the following checks: 1. Validates the host is an affected Windows Server instance. 2...

KB5070883: Windows Server 2019 WSUS RCE (CVE-2025-59287)

The remote Windows host is missing security update 5070879, which addresses a remote code execution vulnerability in Windows Server Update Services WSUS. This plugin identifies vulnerable systems by performing the following checks: 1. Validates the host is an affected Windows Server instance. 2...

Unspecified Vulnerability in HCL AION

HCL AION is an AI lifecycle management platform from HCL India. HCL AION has a security vulnerability which is caused due to missing security attributes in the encrypted session SSL cookie. No details of the vulnerability are provided at this time...

KB5066837: Windows 10 LTS 1507 Security Update (October 2025)

The remote Windows host is missing security update 5066837. It is, therefore, affected by multiple vulnerabilities - tifpredict.h and tifpredict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual til...

KB5066791: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (October 2025)

The remote Windows host is missing security update 5066791. It is, therefore, affected by multiple vulnerabilities - tifpredict.h and tifpredict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual til...

HCL AION 安全漏洞

HCL AION is an AI lifecycle management platform from HCL India. HCL AION has a security vulnerability which is caused due to missing security attributes in the encrypted session SSL cookie. No details of the vulnerability are provided at this time...

EUVD-2005-1161

Malware in sbrugna...

EUVD-2025-27841

Malicious code in bioql PyPI...

CVE-2025-57204

Stocky POS with Inventory Management & HRM ui-lib version 5.0 is affected by a Stored Cross-Site Scripting XSS vulnerability within the Products module available to authenticated users. The vulnerability resides in the product name parameter submitted to the product-creation endpoint via a standa...

webvulnscanner

Web Vulnerability Scanner A Python-based tool designed for ethic...

Security Updates for Azure Connected Machine Agent < 1.49

The Microsoft Azure Connected Machine Agent installation on the remote host is missing security updates. It is, therefore, affected by an elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. Note that Nessus has not tested for this issue but has instead...

Microsoft Office 2016 RCE Vulnerability (KB5002766)

This host is missing an critical security update according to Microsoft KB5002766 SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KB5065507: Windows Server 2012 R2 Security Update (September 2025)

The remote Windows host is missing security update 5065507. It is, therefore, affected by multiple vulnerabilities - SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make t...

PT-2025-35492

Name of the Vulnerable Software and Affected Versions: IBM Concert Software versions 1.0.0 through 1.1.0 Description: IBM Concert Software fails to properly enable HTTP Strict Transport Security HSTS, potentially allowing a remote attacker to obtain sensitive information. An attacker could exploi...

curl: Missing Security Headers

Missing Security Headers Low Target: https://curl.se/ OWASP Mapping: A05 Misconfiguration / A02 Crypto Vulnerability ID: sec-headers-0f70ef5bcb Description A Missing Security Headers issue was discovered. This may allow an attacker to exploit the application. Proof of Concept Using cURL bash curl...

Security Updates for Microsoft Word Products C2R (August 2025)

The Microsoft Word Products are missing security updates. It is, therefore, affected by multiple remote code execution vulnerabilities that attackers can exploit to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for these issues but has instead...

Security Updates for Microsoft Visual Studio Products (August 2025)

The Microsoft Visual Studio Products are missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2025-53773 Note that Nessu...

Microsoft Windows Multiple Vulnerabilities (KB5063871)

This host is missing an important security update according to Microsoft KB5063871 SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Security Updates for Microsoft Dynamics 365 (on-premises) (August 2025) - CVE-2025-53728

The Microsoft Dynamics 365 on-premises is missing security updates. It is, therefore, affected by an information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. Note that Nessus has not tested for this issue but has instead relied only on the...