64 matches found
NodeBB < 4.0.5 Multiple Vulnerabilities
NodeBB is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodebb:nodebb"; ifdescription...
Google Chrome Security Update (stable-channel-update-for-desktop_8-2025-04) - Mac OS X
Google Chrome is prone to an use after free vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...
JVN#87266215: WordPress plugin "Welcart e-Commerce" vulnerable to untrusted data deserialization
WordPress plugin "Welcart e-Commerce" provided by Welcart Inc. contains an untrusted data deserialization vulnerability CWE-502. Impact Arbitrary code may be executed by a remote unauthenticated attacker who can access websites created using the product. Solution Update the plugin Update the plug...
KLA82139 SB vulnerability in Mozilla Firefox ESR
Security vulnerability was found in Mozilla Firefox ESR. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories MFSA2025-19 Related products Mozilla-Firefox-ESR CVE list CVE-2025-2857 critical Solution Update to the latest version Download Firefox ESR...
Google Chrome Security Update (stable-channel-update-for-desktop_10-2025-03) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
QNAP QuTS hero SSRF Vulnerability (QSA-24-53)
QNAP QuTS hero is prone to a server-side request forgery SSRF vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Buffalo LinkStation Arbitrary File Read Vulnerability (Mar 2025) - Active Check
Buffalo LinkStation is prone to an arbitrary file read vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX =...
Debian: Security Advisory (DLA-4061-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MikroTik RouterOS 6.43 - 7.17.2 User Enumeration Vulnerability
MikroTik RouterOS is prone to a user enumeration vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:mikrotik:routeros...
OpenBSD OpenSSH 9.5p1 - 9.9p1 DoS Vulnerability
OpenBSD OpenSSH is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Mageia: Security Advisory (MGASA-2025-0051)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KLA79489 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Skia can be exploited to cause denial of service or execute...
Oracle VirtualBox Security Update (Jan 2025) - Windows
Oracle VirtualBox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:vmvirtualbox";...
Oracle Linux 8 : webkit2gtk3 (ELSA-2025-0145)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-0145 advisory. 2.46.5-1 - Update to 2.46.5 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus ha...
Wireshark 3.6.x < 3.6.14, 4.x < 4.0.6 Multiple Vulnerabilities (Jan 2025) - Windows
Wireshark is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"; ifdescripti...
AlmaLinux 8 : libsndfile (ALSA-2024:11192)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:11192 advisory. libsndfile: Segmentation fault error in oggvorbis.c:417 vorbisanalysiswrote CVE-2024-50612 Tenable has extracted the preceding description block directly from the...
Nutanix AHV : (NXSA-AHV-20220304.511)
The version of AHV installed on the remote host is prior to 20220304.511. It is, therefore, affected by a vulnerability as referenced in the NXSA-AHV-20220304.511 advisory. - ICMP information such as 1 netmask and 2 timestamp is allowed from arbitrary hosts. CVE-1999-0524 Note that Nessus has not...
Google Chrome Security Update (stable-channel-update-for-desktop-2024-12) - Windows
Google Chrome is prone to a type confusion vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...
Mozilla Thunderbird Security Update (MFSA2024-67) - Mac OS X
Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
JVN#42386607: Assimp vulnerable to heap-based buffer overflow
PlyLoader.cpp of Assimp provided by Open Asset Import Library contains a heap-based buffer overflow vulnerability CWE-122. Impact An attacker may execute arbitrary code by importing a specially crafted file into the product. Solution Update the Software Update the software to the latest version...