46 matches found
Adobe Illustrator < 28.7.5 / 29.0.0 < 29.3.0 Multiple Vulnerabilities (APSB25-17)
The version of Adobe Illustrator installed on the remote Windows host is prior to 28.7.5, 29.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-17 advisory. - Out-of-bounds Write (CWE-787) potentially leading to Arbitrary code execution (CVE-2025-27169) - Untruste...
Atlassian Confluence 7.19.x < 7.19.26 (CONFSERVER-98189)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-98189 advisory. - moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an...
CentOS 7 : thunderbird (RHSA-2022:9079)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:9079 advisory. - If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER...
AlmaLinux 9 : golang (ALSA-2024:6913)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6913 advisory. - net/http: Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791) - go/parser: golang: Calling any of the Parse functions...
Oracle Linux 8 : pcs (ELSA-2024-6670)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6670 advisory. 0.10.18-2.0.1.el810.2 - Replace HAM-logo.png with a generic one 0.10.18-2.el810.2 - Updated rubygem rexml Resolves: RHEL-52409, RHEL-52788, RHEL-55997...
WordPress Plugin 'GiveWP - Donation Plugin and Fundraising Platform' < 3.14.2 RCE
The WordPress application running on the remote host has a version of the 'GiveWP - Donation Plugin and Fundraising Platform' plugin that is prior to 3.14.2. It is, therefore, affected by a remote code execution vulnerability. Deserialization of malicious PHP objects injected through the...
EulerOS 2.0 SP12 : gnutls (EulerOS-SA-2024-2237)
According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the...
Juniper Junos OS Vulnerability (JSA83000)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA83000 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on SRX Series, and MX Series with SP...
GLSA-202407-19 : Mozilla Thunderbird: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202407-19 Mozilla Thunderbird: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding...
SUSE SLES12 Security Update : libzypp, zypper (SUSE-SU-2024:2080-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2080-1 advisory. - CVE-2017-9271: Fixed proxy credentials written to log files (bsc#1050625). Tenable has extracted the preceding description block directly fro...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 23.10 : LibTIFF vulnerabilities (USN-6644-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6644-1 advisory. It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a...
F5 Networks BIG-IP : BIG-IP SSL Client Certificate LDAP and CRLDP Authentication profiles vulnerability (K000134516)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.9 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000134516 advisory. - When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point (CRLDP) authentication...
Security Updates for Microsoft Dynamics 365 (on-premises) (February 2024)
The Microsoft Dynamics 365 (on-premises) is missing security updates. It is, therefore, affected by multiple vulnerabilities. - Cross-site scripting (XSS) in Microsoft Dynamics 365 (CVE-2024-21327, CVE-2024-21389, CVE-2024-21393, CVE-2024-21395) - Spoofing vulnerability in the Sales and Field Service...
Debian dsa-5609 : libpam-slurm - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5609 advisory. Debian Security Advisory DSA-5609-1...
RHEL 8 : tigervnc (RHSA-2024:0128)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0128 advisory. Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it ...
RHEL 9 : containernetworking-plugins (RHSA-2023:7766)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7766 advisory. The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfac...
Vim < 9.0.2121
Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive :s call causes free-ing of memory which may later...
Fedora 38 : webkitgtk (2023-11aaf99627)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-11aaf99627 advisory. Bump Safari version in user agent header. Fix blob URL regression that broke many websites. Fix several crashes and rendering issues. Fix...
GLSA-202311-03 : SQLite: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202311-03 (SQLite: Multiple Vulnerabilities) - An issue found in SQLite SQLite3 v.3.35.4 that allows a remote attacker to cause a denial of service via the appendvfs.c function. (CVE-2021-31239) - SQLite through 3.40.0, when relying o...
Fedora 37 : tigervnc (2023-4708733ccc)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-4708733ccc advisory. Fixes CVEs reported against Xserver. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...