Lucene search
K
NessusMost viewed

338622 matches found

Tenable Nessus
Tenable Nessus
•added 2009/06/19 12:0 a.m.•1181 views

CGI Generic XSS (quick test)

The remote web server hosts CGI scripts that fail to adequately sanitize request strings with malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the affected site. These...

5.6AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
•added 2018/05/08 12:0 a.m.•1178 views

KB4103723: Windows 10 Version 1607 and Windows Server 2016 May 2018 Security Update

The remote Windows host is missing security update 4103723. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists in .Net Framework which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability...

9.3CVSS8.3AI score0.87814EPSS
Exploits34References36
Tenable Nessus
Tenable Nessus
•added 2020/03/02 12:0 a.m.•1177 views

MS15-124: Cumulative Security Update for Internet Explorer (CVE-2015-6161) (3125869)

The version of Internet Explorer installed on the remote host is missing Cumulative Security Update 3125869 and/or a Registry key to prevent the host against CVE-2015-6161. It is, therefore, affected by Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to bypass t...

4.3CVSS6.1AI score0.19747EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added 2018/01/10 12:0 a.m.•1175 views

Security Updates for Microsoft Office Products (January 2018)

The Microsoft Office Products are missing security updates. It is, therefore, affected by the following vulnerabilities : - A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploite...

9.3CVSS9.1AI score0.95121EPSS
Exploits7References26
Tenable Nessus
Tenable Nessus
•added 2019/02/27 12:0 a.m.•1174 views

RARLAB WinRAR < 5.70 Beta 1 Multiple Vulnerabilities

The version of RARLAB WinRAR installed on the remote Windows host is prior to 5.70 Beta 1. It is, therefore, affected by the following vulnerabilities : - An error exists in the file 'unacev2.dll' related to the 'filename' field, that allows a specially crafted ACE archive to overwrite files...

7.8CVSS7.5AI score0.96274EPSS
Exploits16References6
Tenable Nessus
Tenable Nessus
•added 2017/12/07 12:0 a.m.•1173 views

Check Point Gaia Operating System SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (sk103683) (POODLE)

The remote host is running a version of Gaia Operating System that is potentially affected by a man-in-the-middle MitM information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in...

4.3CVSS7AI score0.99999EPSS
Exploits7References5
Tenable Nessus
Tenable Nessus
•added 2012/09/26 12:0 a.m.•1172 views

KeyWorks KeyHelp ActiveX Control Multiple Vulnerabilities

The remote host has KeyWorks KeyHelp ActiveX control installed, which is affected by multiple vulnerabilities : - Multiple stack-based buffer overflows exist that could allow an attacker to execute arbitrary code. CVE-2012-2515 - An unspecified command injection vulnerability. CVE-2012-2516 C...

9.3CVSS6.5AI score0.39711EPSS
Exploits11References4
Tenable Nessus
Tenable Nessus
•added 2023/01/18 12:0 a.m.•1170 views

Apache 2.4.x < 2.4.55 Multiple Vulnerabilities

The version of Apache httpd installed on the remote host is prior to 2.4.55. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.55 advisory. - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory locatio...

9CVSS7AI score0.57941EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added 1999/08/30 12:0 a.m.•1167 views

rlogin Service Detection

The rlogin service is running on the remote host. This service is vulnerable since data is passed between the rlogin client and server in cleartext. A man-in-the-middle attacker can exploit this to sniff logins and passwords. Also, it may allow poorly authenticated logins without passwords. If th...

7.5CVSS5.6AI score0.11902EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
•added 2017/12/29 12:0 a.m.•1166 views

ESXi 5.5 / 6.0 / 6.5 / Multiple Vulnerabilities (VMSA-2017-0021) (VMSA-2018-0002) (Spectre) (remote check)

The remote VMware ESXi host is version 5.5, 6.0, or 6.5 and is missing a security patch. It is, therefore, affected by multiple vulnerabilities that can allow code execution in a virtual machine via the authenticated VNC session as well as cause information disclosure from one virtual machine to...

8.8CVSS8AI score0.93838EPSS
Exploits12References8
Tenable Nessus
Tenable Nessus
•added 2017/05/01 12:0 a.m.•1166 views

MikroTik RouterOS HTTP Server Arbitrary Write RCE (ChimayRed)

The MikroTik RouterOS software running on the remote host is affected by a flaw in its HTTP web server process due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted POST request, to write data to an arbitrary location with...

6.1AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
•added 2018/12/13 12:0 a.m.•1165 views

Security Updates for Microsoft .NET Framework (December 2018)

The Microsoft .NET Framework installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly. An attacker who successfully...

10CVSS9.2AI score0.22131EPSS
Exploits0References26
Tenable Nessus
Tenable Nessus
•added 2017/02/14 12:0 a.m.•1165 views

Acme thttpd < 2.26 Multiple Vulnerabilities

According to its banner, the version of Acme thttpd server running on the remote host is prior to 2.26. It is, therefore, affected by multiple vulnerabilities : - Multiple buffer overflow conditions exist in the htpasswd utility. A local attacker can exploit these, by calling htpasswd and supplyi...

8.4CVSS6.5AI score0.00526EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
•added 2014/03/18 12:0 a.m.•1164 views

OpenSSH < 6.6 Multiple Vulnerabilities

According to its banner, the version of OpenSSH running on the remote host is prior to 6.6. It is, therefore, affected by the following vulnerabilities : - A flaw exists due to a failure to initialize certain data structures when makefile.inc is modified to enable the J-PAKE protocol. An...

7.5CVSS7.1AI score0.04751EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
•added 2020/09/24 12:0 a.m.•1161 views

HP iLO 3 < 1.93 / HP iLO 4 < 2.75 / HP iLO Superdome 4 < 1.64 / HP iLO 5 < 2.18 / HP Moonshot/Edgeline iLO 5 < 2.30 Ripple20 Multiple vulnerabilities

Multiple security vulnerabilities have been identified in Integrated Lights-Out firmware generation 3 iLO 3 prior to version 1.93, generation 4 iLO 4 prior to version 2.75, and generation 5 iLO 5 prior to version 2.18. Superdome generation 4 versions prior to 1.64 and Moonshot/Edgeline generation...

10CVSS6.9AI score0.36965EPSS
Exploits11References10
Tenable Nessus
Tenable Nessus
•added 2021/05/05 12:0 a.m.•1154 views

Exim < 4.94.2 Multiple Vulnerabilities (21Nails)

According to its banner, the version of Exim running on the remote host is prior to 4.94.2. It is, therefore, potentially affected by multiple vulnerabilities that can lead to remote code execution. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

9.8CVSS8.3AI score0.61061EPSS
Exploits6References24
Tenable Nessus
Tenable Nessus
•added 2021/09/23 12:0 a.m.•1152 views

SSH SHA-1 HMAC Algorithms Enabled

The remote SSH server is configured to enable SHA-1 HMAC algorithms. Although NIST has formally deprecated use of SHA-1 for digital signatures, SHA-1 is still considered secure for HMAC as the security of HMAC does not rely on the underlying hash function being resistant to collisions. Note that...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
•added 2024/04/17 12:0 a.m.•1150 views

Apache 2.4.x < 2.4.54 Authentication Bypass

The version of Apache httpd installed on the remote host is prior to 2.4.54. It is, therefore, affected by an authentication bypass vulnerability as referenced in the 2.4.54 advisory. - X-Forwarded-For dropped by hop-by-hop mechanism in modproxy: Apache HTTP Server 2.4.53 and earlier may not send...

9.8CVSS8.6AI score0.0314EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
•added 2010/06/14 12:0 a.m.•1149 views

UnrealIRCd Backdoor Detection

The remote IRC server is a version of UnrealIRCd with a backdoor that allows an attacker to execute arbitrary code on the affected host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid46882; scriptversion"1.16";...

7.5CVSS6.2AI score0.83534EPSS
Exploits10References4
Tenable Nessus
Tenable Nessus
•added 2005/07/27 12:0 a.m.•1149 views

Advanced Guestbook User-Agent Header HTML Injection

The remote host is running Advanced Guestbook, a free guestbook written in PHP. The installed version of Advanced Guestbook fails to properly sanitize the 'HTTPUSERAGENT' environment variable before using it in dynamically-generated content. An attacker can exploit this flaw to launch cross-site...

5.2AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
•added 2020/01/06 12:0 a.m.•1148 views

SSL/TLS Deprecated Ciphers Unsupported

The remote host has open SSL/TLS ports which advertise deprecated cipher suites. The ciphers contained in these suites are no longer supported by most major ssl libraries such as OpenSSL, NSS, Mbed TLS, and wolfSSL and, as such, should not be used for secure communication. Nessus 8.9 and later no...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
•added 2022/04/01 12:0 a.m.•1147 views

Apache Tomcat 9.0.0.M1 < 9.0.62 Spring4Shell CVE-2021-43980

The version of Apache Tomcat installed on the remote host is 9.x prior to 9.0.62. - The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing but extremely hard to trigger concurrency bug in Apache Tomcat...

9.8CVSS7.5AI score0.99677EPSS
Exploits100References3
Tenable Nessus
Tenable Nessus
•added 2016/02/23 12:0 a.m.•1147 views

ESXi 5.5 < Build 3568722 / 6.0 < Build 3568940 glibc DNS Resolver RCE (VMSA-2016-0002) (remote check)

The remote VMware ESXi host is 5.5 prior to build 3568722 or 6.0 prior to build 3568940. It is, therefore, affected by a stack-based buffer overflow condition in the GNU C Library glibc DNS client-side resolver due to improper validation of user-supplied input when looking up names via the...

8.1CVSS8.6AI score0.89557EPSS
Exploits17References8
Tenable Nessus
Tenable Nessus
•added 2007/08/19 12:0 a.m.•1147 views

Service Detection

Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request. TRUSTED...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
•added 2015/02/05 12:0 a.m.•1146 views

FreePBX /recordings/index.php 'ari_auth' Cookie Authentication Bypass

The version of FreePBX hosted on the remote web server is affected by an authentication bypass vulnerability in the FreePBX ARI Framework module / Asterisk Recording Interface ARI. A remote, unauthenticated attacker can exploit this issue to gain full administrator access to the FreePBX server by...

10CVSS6.5AI score0.4299EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
•added 2003/06/17 12:0 a.m.•1145 views

Multiple Dangerous CGI Script Detection

It is possible that the remote web server contains one or more dangerous CGI scripts. Note that this plugin does not actually test for the underlying flaws but instead only searches for scripts with the same name as those with known vulnerabilities. %NASLMINLEVEL 70300 This script was written by...

10CVSS5.4AI score0.15605EPSS
Exploits29References52
Tenable Nessus
Tenable Nessus
•added 2021/12/10 12:0 a.m.•1143 views

ThinkPHP < 5.0.24 RCE

The version of ThinkPhP installed on the remote host is prior to 5.0.24. It is, therefore, affected by a remote code execution vulnerability. An unauthenticated, remote attacker can exploit this to execute arbitrary php code through multiple parameters. Note that Nessus has not tested for this...

9.3CVSS8.7AI score0.97419EPSS
Exploits8References4
Tenable Nessus
Tenable Nessus
•added 2014/03/19 12:0 a.m.•1143 views

ZTE F460 / F660 Cable Modems web_shell_cmd.gch Administrative Backdoor

Nessus was able to access the 'webshellcmd.gch' script on the device, which is a backdoor that allows administrative commands to be run on the device without authentication. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid73104; scriptversion"1.5"; scriptcvsdate"Date:...

10CVSS7.3AI score0.59259EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
•added 2021/12/31 12:0 a.m.•1142 views

Ubiquiti UniFi Network Log4Shell Direct Check (CVE-2021-44228)

Binary data ubiquitiunifinetworklog4shell.nbin...

10CVSS10AI score0.99999EPSS
Exploits347References3
Tenable Nessus
Tenable Nessus
•added 2007/07/12 12:0 a.m.•1142 views

LDAP Crafted Search Request Server Information Disclosure

By sending a search request with a filter set to 'objectClass=', it is possible to extract information about the remote LDAP server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid25701; scriptversion"1.25";...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
•added 2017/11/16 12:0 a.m.•1141 views

PHP 5.6.x < 5.6.32 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.32. It is, therefore, affected by multiple vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid104631;...

9.8CVSS7AI score0.26373EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
•added 2002/08/24 12:0 a.m.•1133 views

RPC Services Enumeration

By sending a DUMP request to the portmapper, it was possible to enumerate the ONC RPC services running on the remote port. Using this information, it is possible to connect and bind to each service by sending an RPC request to the remote port. C Tenable Network Security, Inc. include"compat.inc";...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
•added 2022/09/13 12:0 a.m.•1132 views

Adobe InCopy < 16.4.3 / 17.0 < 17.4.0 Multiple Vulnerabilities (APSB22-53)

The version of Adobe InCopy installed on the remote host is prior to 16.4.3, 17.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB22-53 advisory. - Adobe InCopy version 17.3 and earlier and 16.4.2 and earlier are affected by a Heap-based Buffer Overflow...

7.8CVSS7.5AI score0.00595EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
•added 2014/10/17 12:0 a.m.•1131 views

OpenSSL Unsupported (deprecated)

This plugin has been deprecated. For plugins which identify unsupported instances of this product, search the plugin feed for OpenSSL SEoL. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid78555; scriptversion"1.11"; scriptsetattributeattribute:"pluginmodificationdate"...

5.3AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2020/09/15 12:0 a.m.•1127 views

Microsoft Windows WebP Image Extension RCE (August 2020)

The Windows 'WebP Image Extension' or 'WebP from Device Manufacturer' app installed on the remote host is affected by a remote code execution vulnerability. An unauthenticated, remote attacker can exploit this vulnerability via an specially crafted image to execute code and gain control of the...

7.3CVSS7.6AI score0.02592EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2017/01/12 12:0 a.m.•1127 views

Apache 2.2.x < 2.2.32 Multiple Vulnerabilities (httpoxy)

According to its banner, the version of Apache running on the remote host is 2.2.x prior to 2.2.32. It is, therefore, affected by the following vulnerabilities : - The Apache HTTP Server is affected by a man-in-the-middle vulnerability known as 'httpoxy' due to a failure to properly resolve...

8.1CVSS6.5AI score0.55724EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
•added 2007/12/06 12:0 a.m.•1127 views

NetScaler Unencrypted Web Management Interface

The remote Citrix NetScaler web management interface does not use TLS or SSL to encrypt connections. %NASLMINLEVEL 70300 netscalerwebunencrypted.nasl GPLv2 Changes by Tenable: - Revised plugin title 9/23/09 - Added CPE and updated copyright 10/18/2012 - Corrected encryption testing 1/2/2018 -...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
•added 2016/04/13 12:0 a.m.•1125 views

Samba Badlock Vulnerability

The version of Samba, a CIFS/SMB server for Linux and Unix, running on the remote host is affected by a flaw, known as Badlock, that exists in the Security Account Manager SAM and Local Security Authority Domain Policy LSAD protocols due to improper authentication level negotiation over Remote...

7.5CVSS7.1AI score0.3693EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2013/03/27 12:0 a.m.•1122 views

Git Repository Served by Web Server

The web server on the remote host allows read access to a Git repository. This potential flaw can be used to download content from the Web server that might otherwise be private. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

5.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2017/06/01 12:0 a.m.•1121 views

suidperl Privilege Escalation (PROCSUID)

The suidperl application is installed on the remote host. It is, therefore, affected by a privilege escalation vulnerability that allows a local attacker to gain root privileges. PROCSUID is one of multiple Equation Group vulnerabilities and exploits disclosed on 2017/04/08 by a group known as th...

5.7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
•added 2007/09/25 12:0 a.m.•1119 views

EasyMail SMTP Object ActiveX Control Multiple Buffer Overflows

EasyMail Objects, a set of COM objects for supporting email protocols, is installed on the remote Windows host. It may have been bundled with a third-party application, such as Oracle Document Capture, Earthlink internet access software, Borland Caliber RM Client, and FrontRange Heat. The SMTP...

9.3CVSS6.3AI score0.56379EPSS
Exploits6References5
Tenable Nessus
Tenable Nessus
•added 2017/08/08 12:0 a.m.•1118 views

KB4036996: Security Update for SQL Server (August 2017)

The remote Microsoft SQL Server is missing a security update. It is, therefore, affected by an information disclosure vulnerability in Microsoft SQL Server Analysis Services when it improperly enforces permissions. An attacker could exploit the vulnerability if the attacker's credentials allow...

7.5CVSS7.5AI score0.08041EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
•added 2011/11/18 12:0 a.m.•1116 views

Apache mod_suexec Multiple Privilege Escalation Vulnerabilities

The remote host appears to be running Apache and is potentially affected by the following vulnerabilities: - Multiple race conditions exist in suexec between the validation and usage of directories and files. Under certain conditions local users are able to escalate privileges and execute arbitra...

6.2CVSS6AI score0.00703EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
•added 2024/07/01 12:0 a.m.•1115 views

OpenSSH < 9.8 RCE

The version of OpenSSH installed on the remote host is prior to 9.8. It is, therefore, affected by a vulnerability as referenced in the release-9.8 advisory. - This release contains fixes for two security problems, one critical and one minor. 1 Race condition in sshd8 A critical vulnerability in...

8.1CVSS8AI score0.99506EPSS
Exploits68References3
Tenable Nessus
Tenable Nessus
•added 2009/07/30 12:0 a.m.•1114 views

MS09-035: Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706)

The remote Windows host contains a version of the Microsoft Active Template Library ATL, included as part of Visual Studio or Visual C++, that is affected by multiple vulnerabilities : - On systems with components and controls installed that were built using Visual Studio ATL, an issue in the ATL...

9.3CVSS6AI score0.43389EPSS
Exploits7References4
Tenable Nessus
Tenable Nessus
•added 2018/12/11 12:0 a.m.•1112 views

Oracle GlassFish Server 3.1.2.x < 3.1.2.19 (October 2018 CPU)

According to its self-reported version, the Oracle GlassFish Server running on the remote host is 3.1.2.x prior to 3.1.2.19. Is is, therefore, affected by multiple vulnerabilities: - A vulnerability could allow an Attacker with unauthenticated network access to compromise Oracle GlassFish Server....

8.3CVSS6.8AI score0.02025EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
•added 2017/03/02 12:0 a.m.•1111 views

F5 Networks BIG-IP : OpenSSL vulnerability (K13167034)

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...

7.5CVSS7.3AI score0.95707EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
•added 2013/04/03 12:0 a.m.•1103 views

VNC Server Unencrypted Communication Detection

This script checks the remote VNC server protocol version and the available 'security types' to determine if any unencrypted 'security-types' are in use or available. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65792; scriptversion"$Revision: 1.3 $";...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
•added 2022/06/23 12:0 a.m.•1101 views

Apache Tomcat 9.0.30 < 9.0.65

The version of Tomcat installed on the remote host is prior to 9.0.65. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.65security-9 advisory. - In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form...

6.1CVSS7.4AI score0.06156EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added 2004/12/03 12:0 a.m.•1099 views

SSL Certificate Expiry

This plugin checks expiry dates of certificates associated with SSL- enabled services on the target and reports whether any have already expired. TRUSTED...

5.5AI score
Exploits0
Total number of security vulnerabilities5000