EUVD-2019-3180

Malware in sbrugna...

Oracle MySQL Server 9.0.x < 9.4.0 (July 2025 CPU)

The versions of MySQL Server installed on the remote host are affected by a multiple vulnerabilities as referenced in the July 2025 CPU advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.42,...

WordPress Really Simple Security Pro Plugin 9.0.x < 9.1.2 Authentication Bypass Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:reallysimplesecurity:reallysimplesecuritypro"; if descriptio...

BIT-DRUPAL-2020-13670

Information Disclosure vulnerability in file module of Drupal Core allows an attacker to gain access to the file metadata of a permanent private file that they do not have access to by guessing the ID of the file. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prio...

Splunk Security Breach

Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index, and analyze and the data it generates, including data generated by all IT systems and infrastructures physical, virtual machines, and cloud. A...

Splunk Security Breach

Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index, and analyze and the data it generates, including data generated by all IT systems and infrastructures physical, virtual machines, and cloud. A...

HCLTech Domino SEoL (9.0.x)

According to its version, HCLTech Domino is 9.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 70300 C...

CVE-2022-36956

In Veritas NetBackup, the NetBackup Client allows arbitrary command execution from any remote host that has access to a valid host-id NetBackup certificate/private key from the same domain. The affects 9.0.x through 9.0.0.1 and 9.1.x through 9.1.0.1...

UBUNTU-CVE-2020-13670

Information Disclosure vulnerability in file module of Drupal Core allows an attacker to gain access to the file metadata of a permanent private file that they do not have access to by guessing the ID of the file. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prio...

Security feature bypass

Access bypass vulnerability in Drupal Core allows JSON:API when JSON:API is in read/write mode. Only sites that have the readonly set to FALSE under jsonapi.settings config are vulnerable. This issue affects: Drupal Drupal Core 8.8.x versions prior to 8.8.8; 8.9.x versions prior to 8.9.1; 9.0.x...

Drupal 7.x < 7.74 / 8.x < 8.8.11 / 8.9.x < 8.9.9 / 9.0.x < 9.0.8 RCE (SA-CORE-2020-012)

According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.74, 8.x prior to 8.8.11, 8.9.x prior to 8.9.9, or 9.0.x prior to 9.0.8. It is, therefore, affected by a remote code execution vulnerability in its file upload functionality due to a...

IBM WebSphere Application Server 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.18 / 9.0.x < 9.0.5.5 SSRF (CVE-2019-17566)

The IBM WebSphere Application Server running on the remote host is version 8.0.0.0 through 8.0.0.15, 8.5.0.x prior to 8.5.5.18, or 9.0.x prior to 9.0.5.5. It is, therefore, affected by a server-side request forgery vulnerability due to improper input validation by the xlink:href attributes. An...

IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.14 / 9.0.x < 9.0.0.8 Information Disclosure (CVE-2012-5783)

The IBM WebSphere Application Server running on the remote host is version 7.0.0.x through 7.0.0.45, 8.0.0.x through 8.0.0.15, 8.5.0.x prior to 8.5.5.14 or 9.0.x prior to 9.0.0.8. It is, therefore, affected by an information disclosure vulnerability in the Apache Commons HttpClient subcomponent d...

IBM WebSphere MQ 8.0.0.x < 8.0.0.7 / 9.0.0.x < 9.0.0.2 / 9.0.x < 9.0.4 Multiple Vulnerabilities

According to its self-reported version, the IBM WebSphere MQ server installed on the remote Windows host is version 8.0.0.x prior to 8.0.0.7, 9.0.x prior to 9.0.4 or 9.0.0.x prior to 9.0.0.2. It is, therefore, affected by multiple vulnerabilities: - A denial of service vulnerability. An...

Palo Alto Networks PAN-OS 8.1.x < 8.1.12 / 9.0.x < 9.0.6 Privilege Escalation Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.12 or 9.0.x prior to 9.0.6. It is, therefore, affected by a privilege escalation vulnerability. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid133858; scriptversion"1.3";...

IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.3 Command Execution (CVE-2020-4163)

The IBM WebSphere Application Server running on the remote host is version 7.0.0.0 through 7.0.0.45, 8.0.0.0 through 8.0.0.15, 8.5.0.x prior to 8.5.5.17, or 9.0.x prior to 9.0.5.3. It is, therefore, affected by a command execution vulnerability. An authenticated, remote attacker can exploit this ...

IBM WebSphere Application Server 7.0.0.x <= 7.0.0.45 / 8.0.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.17 / 9.0.x < 9.0.5.2 / Liberty < 19.0.0.11 Information Disclosure (CVE-2019-4441)

The IBM WebSphere Application Server running on the remote host is version 7.0.0.0 through 7.0.0.45, 8.0.0.0 through 8.0.0.15, 8.5.0.x prior to 8.5.5.17, or 9.0.x prior to 9.0.5.2, or Liberty prior to 19.0.0.11. It is, therefore, affected by an information disclosure vulnerability. An...

Design/Logic Flaw

Quest KACE, all versions prior to version 8.0.x, 8.1.x, and 9.0.x, allows unintentional access to the appliance leveraging functions of the troubleshooting tools located in the administrator user interface...

Apache Tomcat 9.0.x < 9.0.0.M3 Multiple Vulnerabilities

Binary data 700699.pasl...

IBM WebSphere MQ and IBM MQ Appliance Denial of Service Vulnerability

IBM WebSphere MQ and IBM MQ Appliance are both products of IBM Corporation, U.S.A. IBM WebSphere MQ is a messaging middleware product of IBM Corporation, U.S.A.; IBM MQ Appliance is an all-in-one appliance for rapid deployment of enterprise-class messaging middleware. A security vulnerability...