55 matches found
Slackware Linux 15.0 openssl Vulnerability (SSA:2024-295-01)
The version of openssl installed on the remote host is prior to 1.1.1zb. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-295-01 advisory. New openssl packages are available for Slackware 15.0 to fix a security issue. Tenable has extracted the preceding description bloc...
Photon OS 4.0: Wireshark PHSA-2024-4.0-0702
An update of the wireshark package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0702. The text itself is copyright (C) VMware, Inc.
Qnap QTS Command Injection (CVE-2018-19949)
If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build...
Qnap QTS Path Traversal (CVE-2013-7174)
Absolute path traversal vulnerability in cgi-bin/jc.cgi in QNAP QTS before 4.1.0 allows remote attackers to read arbitrary files via a full pathname in the f parameter. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Qnap QTS Command Injection (CVE-2020-2490)
If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...
Siemens JT2Go < 2406.0003 Buffer Overflow (SSA-626178)
The version of Siemens JT2Go installed on the remote host is prior to 2406.0003. It is, therefore, affected by a stack-based buffer overflow vulnerability as referenced in the SSA-626178 advisory that could be triggered while parsing specially crafted PDF files. This could allow an attacker to...
Juniper Junos OS Vulnerability (JSA88132)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA88132 advisory. - An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker ...
Security Updates for Microsoft SharePoint Server Subscription Edition (October 2024)
The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by a privilege elevation vulnerability.
Security Updates for Microsoft Excel Products (October 2024)
The Microsoft Excel Products are missing a security update. They are, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for this issue but has instead...
NuGet Package 'Microsoft.ML.TimeSeries' Detection
The 'Microsoft.ML.TimeSeries' package, which has a Verified NuGet package status, is installed on the remote host. Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
CBL Mariner 2.0 Security Update: reaper (CVE-2024-42461)
The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42461 advisory. - In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signature...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openssl-3 (SUSE-SU-2024:3105-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3105-1 advisory. - CVE-2024-6119: Fixed denial of service in X.509 name checks (bsc#1229465) Tenable has extracted the...
Slackware Linux 15.0 kcron Vulnerability (SSA:2024-240-01)
The version of kcron installed on the remote host is prior to 21.12.3. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-240-01 advisory. New kcron packages are available for Slackware 15.0 to fix a security issue. Tenable has extracted the preceding description block...
AlmaLinux 9 : python-setuptools (ALSA-2024:5534)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:5534 advisory. pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools (CVE-2024-6345) Tenable has extracted the preceding...
Photon OS 4.0: Python3 PHSA-2024-4.0-0662
An update of the python3 package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0662. The text itself is copyright (C) VMware, Inc.
Fedora 40 : curl (2024-a7976ba89f)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-a7976ba89f advisory. - fix freeing stack buffer in utf8asn1str CVE-2024-6197 Tenable has extracted the preceding description block directly from the Fedora security advisory. Not...
Photon OS 3.0: Docker PHSA-2023-3.0-0604
An update of the docker package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0604. The text itself is copyright (C) VMware, Inc.
Photon OS 3.0: Nxtgn PHSA-2023-3.0-0594
An update of the nxtgn package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0594. The text itself is copyright (C) VMware, Inc.
Photon OS 3.0: Go PHSA-2023-3.0-0575
An update of the go package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0575. The text itself is copyright (C) VMware, Inc.
Photon OS 4.0: Redis PHSA-2023-4.0-0469
An update of the redis package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0469. The text itself is copyright (C) VMware, Inc.