35 matches found
Malicious code in pywingui (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6db77876bf3b13e55750748761841f7ab77f17bd951bdc1c749e1e56d4416d7e pywingui 6.0.1 advertises itself as a Win32 UI automation framework but ships only Nuitka-compiled cp311-win32.pyd binaries the 4.py files are trivia...
EUVD-2025-25583
Malicious code in bioql PyPI...
Python DoS Vulnerability (Dec 2024) - Linux
Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...
Saltstack Minion Payload Deployer Exploit
This Metasploit exploit module uses saltstack salt to deploy a payload and run it on all targets which have been selected default all. Currently only works against nix targets. This module requires Metasploit: https://metasploit.com/download Current source:...
PT-2023-19183 · Unknown · Fizz Library
Name of the Vulnerable Software and Affected Versions: fizz library versions prior to v2023.01.30.00 Description: The issue is related to a CHECK failure that can be triggered remotely in the fizz library. This behavior occurs when the client-supported cipher advertisement changes between the...
What’s New in InsightVM: Q1 2021 in Review
Are you ready to return to the office? At many companies around the world, plans are being put into place for a phased workforce return to physical offices. With big moves come big changes, which inevitably reveal new vulnerabilities. For many across the security landscape, it’s as if hundreds of...
VMware ESXi 5.5 / 6.0 / 6.5 / 6.7 Information Disclosure (VMSA-2018-0012) (Spectre) (remote check)
The remote VMware ESXi host is version 5.5, 6.0, 6.5, or 6.7 and is missing a security patch. It is, therefore, vulnerable to an information disclosure vulnerability. The vulnerability exists in the speculative execution control mechanism. An unauthenticated, local attacker can exploit this, via...
VMware ESXi 5.5 / 6.0 / 6.5 / 6.7 DoS (VMSA-2018-0018) (remote check)
The remote VMware ESXi host is version 5.5, 6.0, 6.5, or 6.7 and is missing a security patch. It is, therefore, vulnerable to a denial of service vulnerability. The vulnerability exists in the RPC handler due to a NULL pointer dereference issue. An authenticated, remote attacker can exploit this...
CVE-2019-15803
An issue was discovered on Zyxel GS1900 devices with firmware before 2.50AAHH.0C0. Through an undocumented sequence of keypresses, undocumented functionality is triggered. A diagnostics shell is triggered via CTRL-ALT-t, which prompts for the password returned by fdssyspassDebugPasswdret. The...
ESXi 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2018-0027) (Remote Check)
The remote VMware ESXi host is version 6.0, 6.5, or 6.7 and is missing a security patch. It is, therefore, vulnerable to multiple vulnerabilities. Leveraging the most severe of these vulnerabilities could allow an attacker to execute arbitrary code on the host from the security context of an...
Microsoft Windows SMB2 and SMB3 Dialects Supported (remote check)
Nessus was able to obtain the set of SMB2 and SMB3 dialects running on the remote host by sending an authentication request to port 139 or 445. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid106716; scriptversion"1.6";...
macOS 10.13 Authentication Bypass Remote Check (CVE-2017-13872)
The remote host is affected by an authentication bypass vulnerability. A local attacker or a remote attacker with credentials for a standard user account has the ability to blank out the root account password. This can allow an authenticated attacker to escalate privileges to root and execute...
ESXi 5.5 < Build 6480267 RPC NULL Pointer Dereference Vulnerability (VMSA-2017-0015) (remote check)
The version of the remote VMware ESXi 5.5 host is prior to build 6480267. It is, therefore, affected by a NULL pointer dereference vulnerability related to handling RPC requests that could allow an attacker to crash a virtual machine. C Tenable Network Security, Inc. include"compat.inc"; if...
Intel Active Management Technology (AMT) Web UI Clickjacking Weakness (INTEL-SA-00081) (remote check)
The Intel Management Engine on the remote host has Active Management Technology AMT enabled, and according to its self-reported version in the banner, it is running Intel manageability firmware version 9.0.x or 9.1.x prior to 9.1.40.1000, 9.5.x prior to 9.5.60.1952, 10.0.x prior to 10.0.50.1004,...
Cisco Prime Data Center Network Manager 10.1.x < 10.2.1 Multiple Vulnerabilities (remote check)
According to its self-reported version number, the Cisco Prime Data Center Network Manager DCNM installed on the remote host is 10.1.x prior to 10.2.1. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the role-based access control RBAC...
How to check PVS target device write cache size remotely
...
Microsoft Windows SMB Versions Supported (remote check)
Nessus was able to obtain the version of SMB running on the remote host by sending an authentication request to port 139 or 445. Note that this plugin is a remote check and does not work on agents. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid100871;...
Intel Management Engine Authentication Bypass (INTEL-SA-00075) (remote check)
Binary data intelamtauthbypass.nbin...
ESXi 6.0 U1 < Build 5251621 / 6.0 U2 < Build 5251623 / 6.0 U3 < Build 5224934 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)
The version of the remote VMware ESXi 6.0 host is 6.0 U1 prior to build 5251621, 6.0 U2 prior to build 5251623, or 6.0 U3 prior to build 5224934. It is, therefore, affected by multiple vulnerabilities : - A stack memory initialization flaw exists that allows an attacker on the guest to execute...
ESXi 5.5 < Build 5230635 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)
The version of the remote VMware ESXi 5.5 host is prior to build 5230635. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in memory initialization that allows an attacker on the guest to execute arbitrary code on the host. CVE-2017-4904 - An unspecified flaw...