37 matches found
Apple iTunes < 12.13.3 Multiple Vulnerabilities (uncredentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.13.3. It is, therefore, affected by multiple vulnerabilities as referenced in the 121328 advisory. - A stack buffer overflow was addressed through improved input validation. This issue is fixed in Apple TV 1.5.0.152 f...
Apple iTunes < 12.12.3 Multiple Vulnerabilities (uncredentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.12.3. It is, therefore, affected by multiple vulnerabilities as referenced in the HT213188 advisory. - Processing a maliciously crafted image may lead to arbitrary code execution (CVE-2022-22611) - Processing a...
Microsoft RDP RCE (CVE-2019-0708) (BlueKeep) (uncredentialed check)
Binary data msrdpcve-2019-0708.nbin...
MS16-136: Security Update for SQL Server (3199641) (uncredentialed check)
The remote Microsoft SQL Server is missing a security update. It is, therefore, affected by multiple vulnerabilities: - Multiple elevation of privilege vulnerabilities exist in the SQL RDBMS Engine due to improper handling of pointer casting. An authenticated, remote attacker can exploit these t...
MS17-010: Security Update for Microsoft Windows SMB Server (4013389) (ETERNALBLUE) (ETERNALCHAMPION) (ETERNALROMANCE) (ETERNALSYNERGY) (WannaCry) (EternalRocks) (Petya) (uncredentialed check)
The remote Windows host is affected by the following vulnerabilities: - Multiple remote code execution vulnerabilities exist in Microsoft Server Message Block 1.0 (SMBv1) due to improper handling of certain requests. An unauthenticated, remote attacker can exploit these vulnerabilities, via a...
MS15-058: Vulnerabilities in SQL Server Could Allow Remote Code Execution (3065718) (uncredentialed check)
The remote Microsoft SQL Server installation is affected by multiple vulnerabilities: - A privilege escalation vulnerability exists due to the casting of pointers to an incorrect class. An authenticated, remote attacker can exploit this, via a specially crafted SQL query, to gain elevated...
HP LoadRunner 11.52 Buffer Overflow RCE (uncredentialed check)
Binary data hploadrunnerHPSBGN03286rce.nbin...
Apple iTunes < 12.0.1 Multiple Vulnerabilities (uncredentialed check)
The version of Apple iTunes on the remote host is prior to version 12.0.1. It is, therefore, affected by multiple vulnerabilities related to the included version of WebKit. The errors could lead to application crashes or arbitrary code execution. Note that Nessus has not tested for this issue but...
MS07-029: Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution (935966) (uncredentialed check)
According to its self-reported version number, the Microsoft DNS Server running on the remote host contains an issue that could allow an attacker to execute arbitrary code with SYSTEM privileges. To exploit this issue, an attacker needs to connect to the DNS server RPC interface and send malforme...
3S CoDeSys Runtime Toolkit NULL Pointer Dereference (uncredentialed check)
Binary data scadacodesysplcwinnt24744remote.nbin...
CA ARCserve Backup Remote Code Execution (CA20121018) (uncredentialed check)
Binary data arcservebackupcve-2012-2971.nbin...
Apple iTunes < 10.7 Multiple Vulnerabilities (uncredentialed check)
The version of Apple iTunes on the remote host is prior to version 10.7. It is, therefore, affected by multiple memory corruption vulnerabilities in the WebKit component.
Vulnerability in TLS Could Allow Information Disclosure (2655992) (uncredentialed check)
Binary data tlsblockcipherpaddingverify.nbin...
MS11-100: ASP.NET Could Allow Denial of Service (2638420) (uncredentialed check)
Binary data aspnethashcollisiondos.nbin...
Adobe RoboHelp FlashHelp Unspecified XSS (APSB11-09) (uncredentialed check)
The published RoboHelp project on the remote host contains a cross-site scripting vulnerability in its wfstatus.htm and wftopicfs files. An attacker may be able to leverage this issue to execute arbitrary script code in the browser of an authenticated user in the context of the affected site and ...
Stuxnet Worm Detection (uncredentialed check)
Binary data stuxnetdetectnocreds.nbin...
MS10-075: Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679) (uncredentialed check)
Binary data rtsp-useafterfree-ms10-075.nbin...
MS10-012: Vulnerabilities in SMB Could Allow Remote Code Execution (971468) (uncredentialed check)
The remote host is affected by several vulnerabilities in the SMB server that may allow an attacker to execute arbitrary code or perform a denial of service against the remote host. These vulnerabilities depend on access to a shared drive, but do not necessarily require credentials.
Skype skype: URI Handling /Datapath Argument Injection Settings Manipulation (uncredentialed check)
According to its timestamp, the version of Skype installed on the remote Windows host fails to sanitize input in its URI handler to its '/Datapath' argument, which specifies the location of the Skype configuration files and security policy. If an attacker can trick a user on the affected system...
WordPress < 2.8.4 'wp-login.php' 'key' Parameter Remote Administrator Password Reset (uncredentialed check)
According to its version number, the version of WordPress running on the remote server has a flaw in the password reset mechanism. Validation of the secret user activation key can be bypassed by providing an array instead of a string. This allows anyone to reset the password of the first user in...