Lucene search
K
NessusMost viewed

339710 matches found

Tenable Nessus
Tenable Nessus
•added 2017/07/11 12:0 a.m.•804 views

Windows 2008 July 2017 Multiple Security Updates

The remote Windows host is missing multiple security updates. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the Windows Performance Monitor Console due to improper parsing of XML input that contains a reference to an external entity. ...

10CVSS7.6AI score0.58078EPSS
Exploits7References40
Tenable Nessus
Tenable Nessus
•added 2017/06/22 12:0 a.m.•804 views

Apache 2.2.x < 2.2.33-dev / 2.4.x < 2.4.26 Multiple Vulnerabilities

According to its banner, the version of Apache running on the remote host is 2.2.x prior to 2.2.33-dev or 2.4.x prior to 2.4.26. It is, therefore, affected by the following vulnerabilities : - An authentication bypass vulnerability exists due to third-party modules using the apgetbasicauthpw...

9.8CVSS6.9AI score0.57472EPSS
Exploits4References9
Tenable Nessus
Tenable Nessus
•added 2018/05/04 12:0 a.m.•802 views

PHP 5.6.x < 5.6.36 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.36. It is, therefore, affected by multiple vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid109576;...

8.8CVSS6.7AI score0.10433EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
•added 2009/04/24 12:0 a.m.•800 views

Linksys WVC54GCA Wireless-G '/img/main.cgi' Information Disclosure

The remote host is a Linksys WVC54GCA network camera. The version of the firmware of the remote camera contains a flaw that allows authenticated users to download the .htpasswd file from the remote host, which gives them the ability to crack the passwords of other users, including the password of...

3.5CVSS5.5AI score0.00924EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
•added 2005/10/04 12:0 a.m.•799 views

FTP Writable Directories

By crawling through the remote FTP server, Nessus discovered several directories were marked as being world-writable. This could have several negative impacts : - Temporary file uploads are sometimes immediately available to all anonymous users, allowing the FTP server to be used as a 'drop' poin...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
•added 2016/04/29 12:0 a.m.•795 views

HP Data Protector 7.0x < 7.03 build 108 / 8.1x < 8.15 / 9.0x < 9.06 Multiple Vulnerabilities (HPSBGN03580) (Bar Mitzvah)

The version of HP Data Protector installed on the remote host is 7.0x prior to 7.03 build 108, 8.1x prior to 8.15, or 9.0x prior to 9.06. It is, therefore, affected by the following vulnerabilities : - A security feature bypass vulnerability exists, known as Bar Mitzvah, due to improper combinati...

10CVSS6.7AI score0.94297EPSS
Exploits14References11
Tenable Nessus
Tenable Nessus
•added 2022/10/11 12:0 a.m.•794 views

KB5018419: Windows 10 version 1809 / Windows Server 2019 Security Update (October 2022)

The remote Windows host is missing security update 5018419. It is, therefore, affected by multiple vulnerabilities - Server Service Remote Protocol Elevation of Privilege Vulnerability CVE-2022-38045 - Microsoft ODBC Driver Remote Code Execution Vulnerability CVE-2022-38040 - Microsoft WDAC OLE D...

8.8CVSS7.4AI score0.56269EPSS
Exploits0References61
Tenable Nessus
Tenable Nessus
•added 2013/10/28 12:0 a.m.•793 views

SSH Algorithms and Languages Supported

This script detects which algorithms and languages are supported by the remote service for encrypting communications. TRUSTED...

5.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
•added 2012/09/25 12:0 a.m.•793 views

SAP Host Control SOAP Web Service Detection

SAP Host Control, a SOAP endpoint, is running on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid62292; scriptversion"1.4"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"SAP Host Control SOAP Web Service Detection"; scriptsummaryenglish:"Looks f...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
•added 2022/09/13 12:0 a.m.•792 views

SUSE SLES15 / openSUSE 15 Security Update : nodejs16 (SUSE-SU-2022:3250-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3250-1 advisory. - CVE-2022-35949: Fixed SSRF when an application takes in user input into the path/pathname option of undici.request...

9.8CVSS6.8AI score0.03465EPSS
Exploits3References14
Tenable Nessus
Tenable Nessus
•added 2017/07/14 12:0 a.m.•792 views

Foscam C1 IP Camera FTP Hard Coded Password

Nessus was able to log in to the remote FTP server, using the username 'r' with the password 'r', and identify the remote server as a vulnerable Foscam C1 IP Camera. A remote attacker can exploit this to access its FTP service and the mounted Micro-SD card. C Tenable Network Security, Inc...

9.8CVSS8.4AI score0.02645EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
•added 2013/01/28 12:0 a.m.•791 views

MySQL Protocol Remote User Enumeration

The version of MySQL or MariaDB running on the remote host has a user enumeration vulnerability. A remote, unauthenticated attacker could exploit this to learn the names of valid database users. This information could be used to mount further attacks. C Tenable Network Security, Inc...

5CVSS7.2AI score0.14784EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
•added 2010/12/14 12:0 a.m.•788 views

BMC SNMP Agent Default Community Name (public)

The remote SNMP server, listening on port 8161 probably part of BMC Patrol has a community name set to 'public'. An attacker may use this information to gain more knowledge about the remote host or to change the configuration of the remote system if the default community allow such modifications....

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
•added 2021/12/14 12:0 a.m.•787 views

Log4Shell Ecosystem Wrapper

"This plugin was used in the scan template 'Log4Shell Vulnerability Ecosystem' prior to 2/2/2022 as a way to include other plugins related to the Log4j vulnerabilities CVE-2021-44228, CVE-2021-44832, CVE-2021-45046, and CVE-2021-4104, including those based on patches from other vendors." + '\n' +...

9CVSS7.5AI score0.99977EPSS
Exploits41
Tenable Nessus
Tenable Nessus
•added 2018/10/02 12:0 a.m.•787 views

AXIS Multiple Vulnerabilities (ACV-128401)

The firmware version running on the remote host is vulnerable to multiple vulnerabilities. An unauthenticated remote attacker could gain system-level unauthorized access to the affected device. Note that Nessus has not tested for these issues but has instead relied only on the application's...

10CVSS8.1AI score0.86682EPSS
Exploits10References9
Tenable Nessus
Tenable Nessus
•added 2017/03/31 12:0 a.m.•787 views

ESXi 6.0 U1 < Build 5251621 / 6.0 U2 < Build 5251623 / 6.0 U3 < Build 5224934 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)

The version of the remote VMware ESXi 6.0 host is 6.0 U1 prior to build 5251621, 6.0 U2 prior to build 5251623, or 6.0 U3 prior to build 5224934. It is, therefore, affected by multiple vulnerabilities : - A stack memory initialization flaw exists that allows an attacker on the guest to execute...

8.8CVSS8AI score0.01204EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
•added 2002/07/01 12:0 a.m.•785 views

Multiple Server Crafted Request WEB-INF Directory Information Disclosure

By making a specially-formatted request to the remote web server, it is possible to retrieve files located under the 'WEB-INF' directory. Note that this vulnerability is known to affect the Win32 versions of multiple J2EE servlet containers / application servers. %NASLMINLEVEL 70300 This script w...

5CVSS7.3AI score0.04534EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
•added 2016/07/15 12:0 a.m.•784 views

Apache 2.4.18 / 2.4.20 X.509 Certificate Authentication Bypass

According to its banner, the version of Apache running on the remote host is either 2.4.18 or 2.4.20. Additionally, HTTP/2 is enabled over TLS or SSL. It is, therefore, affected by the an authentication bypass vulnerability in the experimental module for the HTTP/2 protocol due to a failure to...

7.5CVSS7.4AI score0.18802EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
•added 2006/05/27 12:0 a.m.•782 views

UBB.threads addpost_newpoll.php thispath Parameter Remote File Inclusion

The version of UBB.threads installed on the remote host fails to sanitize input to the 'thispath' parameter before using it in a PHP include function in the 'addpostnewpoll.php' script. Provided PHP's 'registerglobals' setting is enabled, an unauthenticated attacker may be able to exploit this fl...

5.1CVSS6AI score0.07873EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
•added 2023/02/15 12:0 a.m.•781 views

PHP 8.2.x < 8.2.3 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 8.0.x prior to 8.0.28, 8.1.x prior to 8.1.16, or 8.2.x prior to 8.2.3. It is, therefore, affected by multiple vulnerabilities: - A denial of service DoS attack due to insufficient validation of...

8.1CVSS7.7AI score0.01408EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
•added 2019/01/08 12:0 a.m.•781 views

SSL / TLS Certificate Known Hard Coded Private Keys

The remote host is running a service that is using a publicly known SSL / TLS private key. An attacker may use this key to decrypt intercepted traffic between users and the device. A remote attacker can also perform a man-in-the-middle attack in order to gain access to the system or modify data i...

7.5CVSS6.3AI score0.01981EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
•added 2010/01/25 12:0 a.m.•780 views

CGI Generic Unseen Parameters Discovery

By sending requests with additional parameters such as 'admin', 'debug', or 'test' to CGI scripts hosted on the remote web server, Nessus was able to generate at least one significantly different response even though the parameters themselves do not actually appear in responses. This behavior...

5.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
•added 2015/10/19 12:0 a.m.•779 views

Lexmark Printer config.html Administrator Authentication Bypass (FREAK)

According to its firmware version, the remote Lexmark printer is affected by a security feature bypass vulnerability, known as FREAK Factoring attack on RSA-EXPORT Keys, due to the support of weak EXPORTRSA cipher suites with keys less than or equal to 512 bits. A man-in-the-middle attacker may b...

4.3CVSS7.5AI score0.98685EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
•added 2019/09/18 12:0 a.m.•778 views

MariaDB 5.5.0 < 5.5.64 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 5.5.64. It is, therefore, affected by multiple vulnerabilities as referenced in the 5.5.64 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that ar...

4.9CVSS6.7AI score0.0301EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added 2022/10/11 12:0 a.m.•777 views

KB5018410: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (October 2022)

The remote Windows host is missing security update 5018410. It is, therefore, affected by multiple vulnerabilities - Server Service Remote Protocol Elevation of Privilege Vulnerability CVE-2022-38045 - Microsoft ODBC Driver Remote Code Execution Vulnerability CVE-2022-38040 - Microsoft WDAC OLE D...

8.8CVSS7.4AI score0.56269EPSS
Exploits0References64
Tenable Nessus
Tenable Nessus
•added 2022/04/01 12:0 a.m.•777 views

Apache Tomcat 8.x < 8.5.78 Spring4Shell CVE-2021-43980

The version of Apache Tomcat installed on the remote host is 8.x prior to 8.5.78. - The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing but extremely hard to trigger concurrency bug in Apache Tomcat...

9.8CVSS7.5AI score0.99677EPSS
Exploits101References3
Tenable Nessus
Tenable Nessus
•added 2002/11/18 12:0 a.m.•777 views

Service Detection (HELP Request)

It was possible to identify the remote service by its banner or by looking at the error message it sends when it receives a 'HELP' request. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11153; scriptversion"1.318"; scriptsetattributeattribute:"pluginmodificationdate...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
•added 2014/11/12 12:0 a.m.•776 views

VMware vCenter Converter 5.1.x < 5.1.2 / 5.5.x < 5.5.3 Multiple Vulnerabilities (VMSA-2014-0010) (Shellshock)

The version of VMware vCenter Converter installed on the remote Windows host is 5.1.x prior to 5.1.2 or 5.5.x prior to 5.5.3. It is, therefore, affected by the following vulnerabilities : - A command injection vulnerability exists in GNU Bash known as Shellshock, which is due to the processing of...

10CVSS8AI score0.99999EPSS
Exploits158References13
Tenable Nessus
Tenable Nessus
•added 2013/05/06 12:0 a.m.•774 views

Lexmark Markvision Enterprise Default Credentials

The remote Lexmark Markvision Enterprise install, a web-based printer and multi-function device management system, is protected with a set of known default credentials that allow admin level access to the application. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
•added 2017/06/13 12:0 a.m.•773 views

KB4022727: Windows 10 Version 1507 June 2017 Cumulative Update

The remote Windows 10 version 1507 host is missing security update KB4022727. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in Windows Hyper-V instruction emulation due to a failure to properly enforce privilege levels. An attacker on a...

10CVSS7.6AI score0.90026EPSS
Exploits89References65
Tenable Nessus
Tenable Nessus
•added 2012/01/17 12:0 a.m.•773 views

SSL Certificate Chain Analysis

This plugin examines the chain of X.509 certificates used by this service. TRUSTED...

5.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
•added 2001/08/29 12:0 a.m.•773 views

HP System Management Homepage Detection

HP System Management Homepage SMH, formerly Compaq Web Management, is running on the remote web server. SMH is a web-based application for managing HP ProLiant and Integrity servers, or HP 9000 and HP Integrity servers. C Tenable Network Security, Inc. include"compat.inc"; if description...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
•added 2023/01/10 12:0 a.m.•771 views

Security Updates for Windows Malicious Software Removal Tool (January 2023)

The Windows Malicious Software Removal Tool installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2023-21725 %NASLMINLEVEL...

6.3CVSS7.1AI score0.00378EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2014/09/29 12:0 a.m.•771 views

Postfix Script Remote Command Execution via Shellshock

The remote host appears to be running Postfix. Postfix itself is not vulnerable to Shellshock; however, any bash script Postfix runs for filtering or other tasks could potentially be affected if the script exports an environmental variable from the content or headers of a message. A negative resu...

10CVSS8.3AI score0.99999EPSS
Exploits140References5
Tenable Nessus
Tenable Nessus
•added 2017/06/23 12:0 a.m.•769 views

Amazon Linux AMI : httpd (ALAS-2017-851)

Apache HTTP Request Parsing Whitespace Defects It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that...

7.5CVSS6.5AI score0.13252EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2016/10/28 12:0 a.m.•769 views

Default Password 'vizxv' for 'root' Account

The account 'root' on the remote host has the default password 'vizxv'. A remote attacker can exploit this issue to gain administrative access to the affected system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "root"; password = "vizxv"; include'deprecatednasllevel.inc';...

7.5CVSS8.3AI score0.53618EPSS
Exploits41References1
Tenable Nessus
Tenable Nessus
•added 2023/03/07 12:0 a.m.•768 views

ASP.NET Core SEoL

According to its version, the ASP.NET Core installed on the remote host is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900...

5.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
•added 2018/09/24 12:0 a.m.•768 views

Elasticsearch ESA-2018-15

Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This...

8.8CVSS7.3AI score0.01985EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2000/08/30 12:0 a.m.•768 views

Web Server HTTP Dangerous Method Detection

The PUT method allows an attacker to upload arbitrary web pages on the server. If the server is configured to support scripts like ASP, JSP, or PHP it will allow the attacker to execute code with the privileges of the web server. The DELETE method allows an attacker to delete arbitrary content fr...

6.1AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2017/04/18 12:0 a.m.•765 views

SMB Server DOUBLEPULSAR Backdoor / Implant Detection (EternalRocks)

Binary data smbdoublepulsarbackdoordetect.nbin...

9.3CVSS9.2AI score0.9923EPSS
Exploits55References5
Tenable Nessus
Tenable Nessus
•added 2012/08/15 12:0 a.m.•761 views

MS12-060: Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2720573)

There is an unspecified remote code execution vulnerability in Windows common controls, which is included in several Microsoft products. An attacker could exploit this by tricking a user into viewing a maliciously crafted web page, resulting in arbitrary code execution. %NASLMINLEVEL 70300 C...

9.3CVSS7.2AI score0.72119EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
•added 2014/05/14 12:0 a.m.•760 views

MS14-022: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2952166)

The versions of Office SharePoint Server, Office Web Apps, SharePoint Client Components SDK, or SharePoint Designer installed on the remote host are affected by multiple vulnerabilities : - A code execution vulnerability exists in Microsoft SharePoint Server. CVE-2014-0251 - A cross-site scriptin...

9CVSS5.7AI score0.14199EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
•added 2010/02/05 12:0 a.m.•760 views

Microsoft Windows SMB Service Config Enumeration

Nessus was able to obtain, via the SMB protocol, the launch parameters of each active service on the remote host executable path, logon type, etc.. C Tenable, Inc. include"compat.inc"; if description scriptid44401; scriptversion"1.20"; scriptsetattributeattribute:"pluginmodificationdate",...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
•added 2001/09/14 12:0 a.m.•760 views

Apple Mac OS X Find-By-Content .DS_Store Web Directory Listing

It is possible to read a '.DSStore' file on the remote web server. This file is created by MacOS X Finder; it is used to remember the icons position on the desktop, among other things, and contains the list of files and directories present in the remote directory. Note that deleted files may stil...

7.5CVSS5.5AI score0.03082EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
•added 2018/08/24 12:0 a.m.•759 views

MikroTik RouterOS < 6.40.9 / 6.42.7 / 6.43 multiple vulnerabilities.

According to its self-reported version, the remote networking device is running a version of MikroTik prior to 6.40.9, 6.41.x 6.42.7, or 6.43. It, therefore, vulnerable to multiple vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

9CVSS7.3AI score0.07371EPSS
Exploits4References7
Tenable Nessus
Tenable Nessus
•added 2018/08/13 12:0 a.m.•759 views

HP Ink Printers Multiple Vulnerabilities (HPSBHF03589)

The firmware version running on the remote host is vulnerable to multiple vulnerabilities. An unauthenticated remote attacker could gain system-level unauthorized access to the affected device. Note that Nessus has not tested for these issues but has instead relied only on the self-reported versi...

9.8CVSS8.7AI score0.12227EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
•added 2018/07/20 12:0 a.m.•759 views

Oracle WebLogic Server Multiple Vulnerabilities (July 2018 CPU)

The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities: - An unspecified vulnerability in the Spring Framework Sample Apps subcomponent in Oracle WebLogic allows an unauthenticated, remote attacker to takeover a WebLogic server. CVE-2018-1275 - ...

9.8CVSS7.2AI score0.71196EPSS
Exploits23References9
Tenable Nessus
Tenable Nessus
•added 2006/11/14 12:0 a.m.•758 views

IBM WebSphere snoopservlet Path Disclosure

This script attempts to enumerate the actual physical path of the servlet classes by requesting a version of 'snoopservlet' which is missing required classes. An attacker, gaining information about the actual physical layout of the file system, can use the information in crafting more complex...

5.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
•added 2019/03/28 12:0 a.m.•757 views

Untrusted Microsoft Office Macro Execution Enabled

A Microsoft Office application installed on the remote host has untrusted macro execution settings enabled. Note: This plugin first checks to verify that there are any Microsoft Office products actually installed. If there are, it will enumerate the registry keys that are set when an Office...

5.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 2005/02/20 12:0 a.m.•757 views

HTTP Proxy CONNECT Loop DoS

The proxy allows the users to perform repeated CONNECT requests to itself. This allow anybody to saturate the proxy CPU, memory or file descriptors. Note that if the proxy limits the number of connections from a single IP e.g. acl maxconn with Squid, it is protected against saturation and you may...

5.5AI score
Exploits0
Total number of security vulnerabilities5000