Policy-Driven Vulnerability Risk Quantification Framework for Large-Scale Cloud Infrastructure Data Security

The exponential growth of Common Vulnerabilities and Exposures CVE disclosures poses significant challenges for enterprise security management, necessitating automated and quantitative risk assessment methodologies. Existing vulnerability analysis approaches suffer from three critical limitations...

Dotnetnuke < 10.0.1 Stored Cross-Site Scripting (XSS) in Activity Feed (GHSA-wwc9-wmm3-2pmf)

According to its self-reported version, the instance of Dotnetnuke running on the remote web server is prior to 10.0.1. It is, therefore, affected by a vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

Configuration Change Detected (High)

The system detected a change in the controller code that was made via the network. An attacker may use code changes to disrupt normal operations, to cause production losses, or to create a security threat. This plugin only works with Tenable.ot. Please visit...

Abnormal Asset Behavior Detected (High)

This asset behavior is an anomaly that needs to be verified for the root cause. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503204;...

Security Misconfiguration Detected (Medium)

Security misconfigurations present a risk of increased attack surface by allowing malicious entities to communicate with the target assets. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Unsecured Authentication Attempt Detected (Low)

A server allow for authentication using credentials in an unencrypted manner over unencrypted channel. Such credentials might be revealed to an attacker intercepting this traffic and used to gain access to data on the server. This plugin only works with Tenable.ot. Please visit...

Abnormal Asset Behavior Detected (Low)

This asset behavior is an anomaly that needs to be verified for the root cause. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503202;...

Abnormal Network Behavior Detected (Medium)

Abnormal network behavior by unexpected assets can indicate reconnaissance of the network by a potential attacker. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Fedora 40 : dnf (2025-21c36b3aa5)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-21c36b3aa5 advisory. This releases preserves enablement state of dnf-automatic.timer when upgrading to Fedora 41. Tenable has extracted the preceding description block directly...

Fedora 40 : fluent-bit (2025-b2bdcfedac)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-b2bdcfedac advisory. Update to 3.2.8 - Closes rhbz2137000 rhbz2340164 rhbz2300673 Tenable has extracted the preceding description block directly from the Fedora security advisory...

Gradio UI Detection

The remote web server hosts Gradio UI web application %NASLMINLEVEL 80900 Tenable, Inc. include'compat.inc'; if description scriptid232290; scriptversion"1.3"; scriptsetattributeattribute:"pluginmodificationdate", value:"2026/03/18"; scriptnameenglish:"Gradio UI Detection";...

Fedora 41 : chromium (2025-25ab311510)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-25ab311510 advisory. Update to chromium-133.0.6943.141 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

OS Fingerprints Detected

Using a combination of remote probes TCP/IP, SMB, HTTP, NTP, SNMP, etc, it was possible to gather one or more fingerprints from the remote system. While the highest-confidence result was reported in plugin 11936, “OS Identification”, the complete set of fingerprints detected are reported here...

Azure Linux 3.0 Security Update: nvidia-container-toolkit (CVE-2024-0132-M)

The version of nvidia-container-toolkit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0132-M advisory. - NIST NVD Details CVE-2024-0132 Note that Nessus has not tested for this issue but has...

CVE-2020-4043

phpMussel from versions 1.0.0 and less than 1.6.0 has an unserialization vulnerability in PHP's phar wrapper. Uploading a specially crafted file to an affected version allows arbitrary code execution discovered, tested, and confirmed by myself, so the risk factor should be regarded as very high...

Fedora 40 : ovn (2025-721a8bada2)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-721a8bada2 advisory. Update the OVN sources to upstream release v24.09.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

Fedora 41 : abseil-cpp (2025-7631628ba6)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-7631628ba6 advisory. Update to 20240722.1 - Fix potential integer overflow in hash container create/resize Tenable has extracted the preceding description block directly from the...

Fedora 41 : suricata (2025-e24171db6d)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-e24171db6d advisory. Various security, performance, accuracy, and stability issues have been fixed. Tenable has extracted the preceding description block directly from the Fedora...

Microsoft Windows 11 22H2 Home SEoL

Microsoft Windows 11 22H2 Home is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Wireshark SEoL (3.4.x)

According to its version, Wireshark is 3.4.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C Tenable,...