391 matches found
HSEC-2023-0012 git-annex checksum exposure to encrypted special remotes
git-annex checksum exposure to encrypted special remotes A bug exposed the checksum of annexed files to encrypted special remotes, which are not supposed to have access to the checksum of the un-encrypted file. This only occurred when resuming uploads to the encrypted special remote, so it is...
EUVD-2002-2422
Malware in sbrugna...
EUVD-2007-1626
Malware in sbrugna...
EUVD-2004-2398
Malware in sbrugna...
CVE-2004-2407
Unknown vulnerability in phpGroupWare before 0.9.14.002 has unknown attack vectors and impact, related to a "security hole" in the Setup/Config functionality...
CVE-2002-2444
Snoopy before 2.0.0 has a security hole in exec cURL...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability previously existed in Mozilla Firefox version 131, which stemmed from the inclusion of a memory security hole...
Synology DiskStation Manager Exposure of Sensitive Information to an Unauthorized Actor (CVE-2014-2264)
The OpenVPN module in Synology DiskStation Manager DSM 4.3-3810 update 1 has a hardcoded root password of synopass, which makes it easier for remote attackers to obtain access via a VPN session. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability previously existed in Mozilla Firefox version 131, which stemmed from the inclusion of a memory security hole...
LangChain Python Library < 0.0.317 (CVE-2023-46229)
LangChain is a framework for developing applications powered by large language models. LangChain before 0.0.317 allows SSRF via documentloaders/recursiveurlloader.py because crawling can proceed from an external server to an internal server. Note that Nessus has not tested for this issue but has...
Notepad++ < 8.1.1 Arbitrary Code Execution
The version of Notepad++ installed on the remote host is prior to 8.1.1. It is, therefore, affected by a arbitary code execution vulnerability in the dbghelp.exe file, allowing a attacker with local access to abuse the uncontrolled search path to execute arbitrary code and gain access. Note that...
Splunk Enterprise 9.0.0 < 9.0.10, 9.1.0 < 9.1.5, 9.2.0 < 9.2.2 (SVD-2024-0701)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0701 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
VMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi
VMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution. The list of vulnerabilities is as follows - CVE-2024-37079 & CVE-2024-37080 CVSS scores: 9.8 -...
CVE-2021-47401
In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix stack information leak The tty driver name is used also after registering the driver and must specifically not be allocated on the stack to avoid leaking information to user space or triggering an oops. Driver...
CVE-2021-47401
In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix stack information leak The tty driver name is used also after registering the driver and must specifically not be allocated on the stack to avoid leaking information to user space or triggering an oops. Driver...
CVE-2021-47401
In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix stack information leak The tty driver name is used also after registering the driver and must specifically not be allocated on the stack to avoid leaking information to user space or triggering an oops. Driver...
CVE-2021-47401
CVE-2021-47401 concerns a Linux kernel vulnerability in the ipack: ipoctal path where the tty driver name was allocated on the stack, enabling a stack information leak to user space. The issue arises because the tty device name could be revealed after registration, and another driver copied the p...
CVE-2021-47401 ipack: ipoctal: fix stack information leak
In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix stack information leak The tty driver name is used also after registering the driver and must specifically not be allocated on the stack to avoid leaking information to user space or triggering an oops. Driver...
CVE-2021-47401 ipack: ipoctal: fix stack information leak
In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix stack information leak The tty driver name is used also after registering the driver and must specifically not be allocated on the stack to avoid leaking information to user space or triggering an oops. Driver...
CVE-2021-47401
In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix stack information leak The tty driver name is used also after registering the driver and must specifically not be allocated on the stack to avoid leaking information to user space or triggering an oops. Driver...