56 matches found
EUVD-2024-27342
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2016-0503
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a...
Linux Distros Unpatched Vulnerability : CVE-2015-4772
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Serv...
CVE-2014-2848
A race condition in the wmimalwarescan.nbin plugin before 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp directory with a Trojan horse program...
Linux Distros Unpatched Vulnerability : CVE-2023-37453
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in readdescriptors in...
Linux Distros Unpatched Vulnerability : CVE-2023-25434
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes at /libtiff/tools/tiffcrop.c:3215. CVE-2023-25434 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2021-43331
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS. CVE-2021-43331 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2022-1769
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. CVE-2022-1769 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2022-49599
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcp: Fix data-races around sysctltcpl3mdevaccept. While reading sysctltcpl3mdevaccept, it can be changed concurrently. Thus, we need to add READONCE to its...
Linux Distros Unpatched Vulnerability : CVE-2019-20807
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces e.g., Python, Ruby, or Lua...
Linux Distros Unpatched Vulnerability : CVE-2017-1000231
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors. CVE-2017-1000231 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2015-4104
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service unexpected...
Linux Distros Unpatched Vulnerability : CVE-2017-9166
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GETCOLOR function in color.c:18:11. CVE-2017-9166 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2010-4563
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Linux kernel, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast...
RHEL 6 : libtar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libtar: missing validation of file names CVE-2013-4420 Note that Nessus has not tested for this issue but has inste...
CVE-2024-2390
As a part of Tenable’s vulnerability disclosure program, a vulnerability in a Nessus plugin was identified and reported. This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin...
CVE-2024-2390 Local Privilege Escalation
As a part of Tenable’s vulnerability disclosure program, a vulnerability in a Nessus plugin was identified and reported. This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin...
CVE-2024-2390 Local Privilege Escalation
As a part of Tenable’s vulnerability disclosure program, a vulnerability in a Nessus plugin was identified and reported. This vulnerability could allow a malicious actor with sufficient permissions on a scan target to place a binary in a specific filesystem location, and abuse the impacted plugin...
Tenable Network Security Nessus Security Vulnerability
Tenable Network Security Nessus is an open source system vulnerability scanner from Tenable Network Security, USA. A security vulnerability exists in Tenable Network Security Nessus Plugin Feed ID, which stems from a vulnerability that allows an attacker with sufficient privileges to the target o...
Slackware Linux 15.0 / current expat Vulnerability (SSA:2024-073-01)
The version of expat installed on the remote host is prior to 2.6.2. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-073-01 advisory. - libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers created via...