77 matches found
Photon OS 5.0: Libsoup PHSA-2025-5.0-0614
An update of the libsoup package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0614. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 5.0: Linux PHSA-2025-5.0-0610
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0610. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 4.0: Grub2 PHSA-2025-4.0-0861
An update of the grub2 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0861. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Important Photon OS Security Update - PHSA-2025-4.0-0857
Updates of 'linux' packages of Photon OS have been released...
Photon OS 5.0: Icu PHSA-2025-5.0-0578
An update of the icu package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0578. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid25227...
Vulnerability fixed in SonicWall SonicOS
SonicWall has fixed a vulnerability in SonicOS. The vulnerability is in how SonicOS' SSL VPN interface handles externally controlled formatting strings. This can be exploited by external, unauthenticated attackers, leading to service disruptions. Attackers can exploit this vulnerability to affect...
CVE-2021-34614
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability...
Vulnerability fixed in Adobe Illustrator
Adobe has fixed a vulnerability in Illustrator Specifically for versions 29.3, 28.7.5 and earlier. The vulnerability is in the way Illustrator handles files. A malicious party can exploit this vulnerability by creating a malicious file that, when opened by a user, can lead to arbitrary code...
Photon OS 4.0: Linux PHSA-2025-4.0-0787
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0787. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Vulnerability fixed in PostgreSQL
A vulnerability has been fixed in PostgreSQL. The vulnerability is located in the libpq functions of PostgreSQL and involves an SQL injection error. Improper processing of quotes and incorrectly formed UTF-8 sequences can lead to arbitrary code execution. This vulnerability is being actively...
Security Bulletin: There is a Denial of Service vulnerability in IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced (CVE-2024-40094).
Summary There is a Denial of Service vulnerability in IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced CVE-2024-40094. An update to IBM CICS TX Advanced has been released to address this vulnerability. Vulnerability Details CVEID:CVE-2024-40094 DESCRIPTION: GraphQL Java aka...
Vulnerability fixed in pgAdmin
pgAdmin has fixed a vulnerability in pgAdmin 8.11. A malicious party could exploit the vulnerability to gain access to sensitive data. pgAdmin has released an update to fix the vulnerability. See attached references for more information...
HPESBHF04632 rev.3 - HPE Compute Scale-up Server 3200, Superdome Flex and Superdome Flex 280 servers, Local Buffer Overflow
Potential Security Impact: Local: Buffer Overflow SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Compute Scale-up Server 3200 - Prior to v1.20.128 HPE Superdome Flex 280 Server - Prior to v1.80.20 HPE Superdome Flex Server - Prior to v3.100.26 CVSS Scores: | CVE | CVSS Vector...
Vulnerabilities fixed in ConnectWise ScreenConnect
Connectwise has fixed vulnerabilities in ScreenConnect. A unauthenticated malicious person could exploit the vulnerabilities to create a new administrator account. An exploit is available that makes the chance of exploitation significant. At this no CVEs have yet been assigned to the...
Vulnerability fixed in Fortinet FortiOS and FortiProxy
Fortinet has fixed a vulnerability in FortiOS and FortiProxy. An authenticated malicious party can exploit the vulnerability to execute commands on the system that it is initially is not authorized to do. Fortinet has released an update to fix the vulnerability fix in FortiOS and FortiProxy. For...
Vulnerabilities fixed in Zoho ManageEngine Password Manager pro
Zoho has fixed vulnerabilities in ManageEngine Password Manager pro. An authenticated malicious person could exploit them to bypass a security measure, manipulate data manipulate data for which the malicious party is not authorized, and gain access to sensitive data. No CVE ID has been disclosed...
Vulnerabilities fixed in BIND
ISC has fixed several vulnerabilities in BIND. A remote malicious party could potentially exploit the vulnerabilities to cause a denial-of-service. ISC has released updates to fix the vulnerabilities in BIND. For more information, see: https://kb.isc.org/docs/cve-2022-2795...
CVE-2022-23662
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager versions: 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability...
CVE-2022-23659
A remote reflected cross site scripting xss vulnerability was discovered in Aruba ClearPass Policy Manager versions: 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability...
CVE-2022-23699
A local authentication restriction bypass vulnerability was discovered in HPE OneView versions: Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView...