Cisco Adaptive Security Appliance Software SSH Remote Command Injection Vulnerability (cisco-sa-asa-ssh-rce-gRAuPEUF)

A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, remote attacker to execute operating system commands as root. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by...

FreeBSD : electron32 -- multiple vulnerabilities (cc068959-ce2b-42eb-81ed-055551fe0e51)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the cc068959-ce2b-42eb-81ed-055551fe0e51 advisory. Electron developers report: This update fixes the following vulnerabilities: Tenable has...

Adobe Dimension < 3.4.3 Arbitrary code execution (APSB21-40) (macOS)

The version of Adobe Dimension installed on the remote macOS host is prior to 3.4.3. It is, therefore, affected by a vulnerability as referenced in the APSB21-40 advisory. - Adobe Dimension version 3.4 and earlier is affected by an Uncontrolled Search Path Element element. An unauthenticated...

Adobe After Effects < 17.1.3 Multiple Arbitrary Code Execution (APSB20-62) (macOS)

The version of Adobe After Effects installed on the remote macOS host is prior to 17.1.3. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB20-62 advisory. - Adobe After Effects version 17.1.1 and earlier for Windows is affected by an uncontrolled search path...

Oracle Linux 7 : edk2 (ELSA-2024-12793)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-12793 advisory. - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division- By-Zero due to a UNIT32 overflow via local...

Adobe InDesign 16.0.0 < 16.4.1 Multiple Vulnerabilities (APSB22-05)

The version of Adobe InDesign installed on the remote Windows host is prior to 16.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB22-05 advisory. - Adobe InDesign version 16.4 and earlier is affected by an out-of-bounds write vulnerability that could result in...

Adobe InCopy 16.0.0 < 16.4.1 Multiple Vulnerabilities (APSB22-04)

The version of Adobe InCopy installed on the remote host is prior to 16.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB22-04 advisory. - Adobe InCopy version 16.4 and earlier is affected by an out-of-bounds write vulnerability that could result in arbitrary...

Adobe Creative Cloud < 4.0.0.185 Multiple Vulnerabilities (APSB17-13)

The version of Adobe Creative Cloud installed on the remote Windows host is prior to 4.0.0.185. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB17-13 advisory. - Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper resource...

FreeBSD : oauth2-proxy -- multiple vulnerabilities (dbe8c5bd-8d3f-11ef-8d2e-a04a5edf46d9)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the dbe8c5bd-8d3f-11ef-8d2e-a04a5edf46d9 advisory. The oauth2-proxy project reports: Vulnerabilities have been addressed: Tenable has extracted t...

Atlassian Confluence 3.0.x < 7.19.25 / 7.20.x < 8.5.11 / 8.6.x < 8.9.3 (CONFSERVER-98205)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-98205 advisory. - A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-43856)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43856 advisory. - In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmamfreecoherent...

Mozilla Thunderbird < 115.16.0

The version of Thunderbird installed on the remote Windows host is prior to 115.16.0. It is, therefore, affected by a vulnerability as referenced in the mfsa2024-52 advisory. - An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation...

CentOS 6 : chromium-browser (RHSA-2020:4206)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4206 advisory. - Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access...

EulerOS 2.0 SP12 : krb5 (EulerOS-SA-2024-2506)

According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens wit...

EulerOS 2.0 SP12 : krb5 (EulerOS-SA-2024-2530)

According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens wit...

CBL Mariner 2.0 Security Update: hyperv-daemons (CVE-2024-27397)

The version of hyperv-daemons installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27397 advisory. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timesta...

Oracle Linux 7 : e2fsprogs (ELSA-2024-12704)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12704 advisory. 1.45.4-3.0.7 - libext2fs: add sanity check to extent manipulation Srivathsa Dara Orabug: 37095032 CVE-2022-1304 Tenable has extracted the preceding description...

Ollama Detection

An Ollama Python library is installed on the remote host. Note that Nessus has relied upon on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid208140; scriptversion"1.6";...

Weights & Biases Detection

A Weights & Biases Python library is installed on the remote host. Note that Nessus has relied upon on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid208133; scriptversion"1.6";...

Oracle Linux 7 : kernel (ELSA-2024-6994)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-6994 advisory. 3.10.0-1160.119.1.0.5.el7.OL7 - wifi: mac80211: Avoid address calculations via out of bounds array indexing Kees Cook Orabug: 37092983 Tenable has extracted the...