451 matches found
GitLab 8.3 < 17.6.5 / 17.7 < 17.7.4 / 17.8 < 17.8.2 (CVE-2025-1212)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An information disclosure vulnerability in GitLab CE/EE affecting all versions from 8.3 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send a crafted request to ...
Golang 1.22 < 1.22.11 / 1.23 < 1.23.5 Multiple Vulnerabilities (macOS)
The version of Golang running on the remote host is 1.24 prior to 1.24rc2. It is, therefore, is affected by multiple vulnerabilities: - net/http: Sensitive headers are incorrectly sent after cross-domain redirect CVE-2024-45336 - crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints...
Fortinet FortiClient Agent (FG-IR-24-300) (macOS)
The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-300 advisory. - An improper authentication in Fortinet FortiClientMac 7.0.11 through 7.2.4 allows attacker to gain improper access to Mac...
NodeBB < 3.11.1 XSS Vulnerability
NodeBB is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodebb:nodebb";...
XSS on Insert page
PMASA-2025-2 Announcement-ID: PMASA-2025-2 Date: 2025-01-20 Updated: 2025-01-23 Summary XSS on Insert page Description An XSS vulnerability has been discovered with the phpMyAdmin "Insert" tab. Severity We consider this vulnerability to be of moderate severity. Affected Versions phpMyAdmin versio...
[ASA-202501-1] rsync: multiple issues
Arch Linux Security Advisory ASA-202501-1 ========================================= Severity: Critical Date : 2025-01-14 CVE-ID : CVE-2024-12084 CVE-2024-12085 CVE-2024-12086 CVE-2024-12087 CVE-2024-12088 CVE-2024-12747 Package : rsync Type : multiple issues Remote : Yes Link :...
TYPO3 13.4.3 (TYPO3-CORE-SA-2025-001)
The version of TYPO3 installed on the remote host is prior to 13.4.3. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2025-001 advisory. - It has been discovered that the Install Tool password has been logged as plaintext in case the password hashing mechanism use...
Mozilla Firefox SEoL (127.x)
According to its version, Mozilla Firefox version install on the remote host has reached end of support. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may conta...
IBM DB2 SEoL (10.1.x)
According to its version, IBM DB2 is 10.1.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C Tenable,...
Mozilla Firefox SEoL (29.x)
According to its version, Mozilla Firefox version install on the remote host has reached end of support. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may conta...
Mozilla Firefox SEoL (25.x)
According to its version, Mozilla Firefox version install on the remote host has reached end of support. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may conta...
Wireshark SEoL (2.2.x)
According to its version, Wireshark is 2.2.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C Tenable,...
Mozilla Thunderbird SEoL (11.x)
According to its version, Mozilla Thunderbird version install on the remote host has reached end of support. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may...
Mozilla Firefox SEoL (123.x)
According to its version, Mozilla Firefox version install on the remote host has reached end of support. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may conta...
Mozilla Firefox SEoL (111.x)
According to its version, Mozilla Firefox version install on the remote host has reached end of support. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may conta...
GitLab 15.5 < 17.5.5 / 17.6 < 17.6.3 / 17.7 < 17.7.1 (CVE-2024-12431)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in GitLab CE/EE affecting all versions starting from 15.5 before 17.5.5, 17.6 before 17.6.3, and 17.7 before 17.7.1, in which unauthorized users could manipulate the status of...
Security Bulletin: A vulnerability in the follow-redirect module affects IBM Db2 Big SQL on Cloud Pak for Data
Summary A vulnerability in the node.js follow-redirect module affects IBM Db2 Big SQL 7.6 on Cloud Pak for Data 4.8 Vulnerability Details CVEID:CVE-2024-28849 DESCRIPTION: Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information, caused by the...
python-libarchive Python Library <= 4.2.1 Directory Traversal (CVE-2024-55587)
The version of the python-libarchive Python library that is installed on the remote host is 4.2.1 or prior. It is, therefore, affected by a directory traversal vulnerability. python-libarchive through 4.2.1 allows directory traversal to create files in extract in zip.py for ZipFile.extractall and...
Kolide Agent for Windows >= 1.5.3 < 1.12.3 Privilege Escalation (CVE-2024-54131)
The version of Kolide Agent for Windows installed on the remote host is greater or equal to 1.5.3 and prior to 1.12.3. It is, therefore, affected by a privilege escalation vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported...
GitLab 16.1 < 17.4.6 / 17.5 < 17.5.4 / 17.6 < 17.6.2 (CVE-2024-11274)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - URL Redirection to Untrusted Site 'Open Redirect' in GitLab CVE-2024-11274 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...