Oracle WebLogic Server Java Object Deserialization RCE (April 2016 CPU)

The remote Oracle WebLogic Server is affected by a remote code execution vulnerability in the Java Messaging Service subcomponent in the readExternal function due to improper sanitization of user-supplied input. An unauthenticated, remote attacker can exploit this, via a crafted object payload, t...

CGI Generic SQL Injection (2nd pass)

By providing specially crafted parameters to CGIs, Nessus was able to get an error from the underlying database. This error suggests that the CGI is affected by a SQL injection vulnerability. An attacker may exploit this flaw to bypass authentication, read confidential data, modify the remote...

Node.js Multiple Vulnerabilities (November 2018 Security Releases)

The version of Node.js installed on the remote host is 6.x prior to 6.15.0, 8.x prior to 8.14.0 or 10.x prior to 10.14.0 or 11.x prior to 11.3.0. It is, therefore, affected by multiple vulnerabilities. - OpenSSL Timing vulnerability in DSA signature generation CVE-2018-0734. - OpenSSL Timing...

KB4088879: Windows 8.1 and Windows Server 2012 R2 March 2018 Security Update (Meltdown)(Spectre)

The remote Windows host is missing security update 4088879 or cumulative update 4088876. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local...

MySQL 8.0.x < 8.0.22 Multiple Vulnerabilities (Oct 2020 CPU)

The version of MySQL running on the remote host is 8.0.x prior to 8.0.22. It is, therefore, affected by multiple vulnerabilities, including the following, as noted in the October 2020 Critical Patch Update advisory: - Vulnerability in the MySQL Server product of Oracle MySQL component: Server:...

Apache Tomcat 9.0.0.M1 < 9.0.30

The version of Tomcat installed on the remote host is prior to 9.0.30. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.30security-9 advisory. - When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there...

KB4017094: Security Update for the libjpeg Information Disclosure Vulnerability for Microsoft Silverlight 5 (April 2017)

The version of Silverlight 5 installed on the remote Windows host is missing security update KB4017094. It is, therefore, affected by an information disclosure vulnerability in the open-source libjpeg image processing library due to improper handling of objects in memory. An unauthenticated, remo...

Oracle Java SE Multiple Vulnerabilities (July 2016 CPU) (Unix)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 8 Update 101, 7 Update 111, or 6 Update 121. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the CORBA subcomponent that allows an unauthenticated,...

IMAP Service STARTTLS Plaintext Command Injection

The remote IMAP service contains a software flaw in its STARTTLS implementation that could allow a remote, unauthenticated attacker to inject commands during the plaintext protocol phase that will be executed during the ciphertext protocol phase. Successful exploitation could allow an attacker to...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4255-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4255-1 advisory. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacke...

SSL Session Resume Supported

This script detects whether a host allows resuming SSL sessions by performing a full SSL handshake to receive a session ID, and then reconnecting with the previously used session ID. If the server accepts the session ID in the second connection, the server maintains a cache of sessions that can b...

MoinMoin Detection

The remote host is running MoinMoin, a wiki written in Python. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid44382; scriptversion"1.5"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/06/01"; scriptnameenglish:"MoinMoin Detection";...

KB5005573: Windows 10 Version 1607 and Windows Server 2016 September 2021 Security Update

The remote Windows host is missing security update 5005573. It is, therefore, affected by multiple vulnerabilities : - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application. CVE-2021-26435 - An...

CentOS 7 : systemd (CESA-2019:2091)

An update for systemd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

KB4103726: Windows Server 2012 May 2018 Security Update

The remote Windows host is missing security update 4103726 or cumulative update 4103730. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully...

Portable SDK for UPnP Devices (libupnp) HTTP Arbitrary File Write

The Portable SDK for UPnP Devices libupnp running on the remote host is affected by a flaw that is triggered when handling HTTP POST or GET requests. An unauthenticated, remote attacker can exploit this to write arbitrary files to the web server file system. C Tenable Network Security, Inc...

Liferay Portal Remote Code Execution (direct check)

Binary data liferayportal-cve-2020-7961.nbin...

Oracle Java SE 1.7.0_281 / 1.8.0_271 / 1.11.0_9 / 1.15.0_1 Multiple Vulnerabilities (Oct 2020 CPU)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 7 Update 281, 8 Update 271, 11 Update 9, or 15 Update 1. It is, therefore, affected by multiple vulnerabilities related to the following components as referenced in the October 2020 CPU...

nginx 1.x < 1.14.1 / 1.15.x < 1.15.6 Multiple Vulnerabilities

According to its Server response header, the installed version of nginx is 1.x prior to 1.14.1 or 1.15.x prior to 1.15.6. It is, therefore, affected by the following issues : - An unspecified error exists related to the module 'ngxhttpv2module' that allows excessive memory usage. CVE-2018-16843 -...

MS05-017: Vulnerability in MSMQ Could Allow Code Execution (892944)

The remote version of Windows is affected by a vulnerability in Microsoft Message Queuing Service MSMQ. An attacker could exploit this flaw to execute arbitrary code on the remote host with the SYSTEM privileges. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid18021;...

Atlassian Bitbucket < 7.6.17 / 7.17.10 / 7.21.4 / 8.0.4 / 8.1.3 / 8.2.2 / 8.3.1 RCE

The version of Atlassian Bitbucket installed on the remote host 7.0.0 prior to 7.6.17, 7.7.0 prior to 7.17.10, 7.18.0 prior to 7.21.4, 8.0 prior to 8.0.3, 8.1 prior to 8.1.3, 8.2 prior to 8.2.2 or 8.3 prior to 8.3.1. It is, therefore, affected by a remote code execution vulnerability. A remote...

NETGEAR DGN Remote Unauthenticated Command Execution

The remote NETGEAR DGN device is affected by a flaw in the setup.cgi script that allows an unauthenticated, remote attacker to execute arbitrary commands with root privileges. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid104128; scriptversion"1.3";...

Django Administration Application Login Form XSS

The remote host is using Django, a high-level Python web framework designed for rapid development of database-driven websites. The administration application included with the version of Django installed on the remote host fails to sanitize the URL before using it to generate dynamic HTML output...

ISC BIND 9.x.x < 9.9.13-P1 / 9.10.x < 9.10.8-P1 / 9.11.x < 9.11.4-P1 / 9.12.x < 9.12.2-P1 deny-answer-aliases DoS Vulnerability

According to its self-reported version number, the instance of ISC BIND running on the remote name server is 9.x.x prior to 9.9.13-P1, 9.10.x prior to 9.10.8-P1, 9.11.x prior to 9.11.4-P1, or 9.12.x prior to 9.12.2-P1. It is, therefore, affected by a denial of service vulnerability in the...

Arista Networks EOS Multiple Vulnerabilities (SA0024) (SWEET32)

The version of Arista Networks EOS running on the remote device is affected by multiple vulnerabilities in the included OpenSSL library : - An information disclosure vulnerability exists in the dsasignsetup function in dsaossl.c due to a failure to properly ensure the use of constant-time...

Oracle WebLogic Server (January 2024 CPU)

The version of Oracle WebLogic Server installed on the remote host is missing a security patch from the January 2024 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities, including: - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware...

Oracle Database Server Multiple Vulnerabilities (Oct 2020 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2020 CPU advisory. - Vulnerability in the Core RDBMS bzip2 component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2,...

Security Updates for Microsoft SQL Server (April 2023)

The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...

Apache Tomcat 8.5.0 < 8.5.34

The version of Tomcat installed on the remote host is prior to 8.5.34. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat8.5.34security-8 advisory. - When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90...

Cisco AnyConnect Secure Mobility Client < 4.6.01098 Certificate Bypass Vulnerability

The version of Cisco AnyConnect Secure Mobility Client installed on the remote Windows host is prior to 4.6.01098. It is, therefore, affected by a certificate bypass vulnerability. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid110563; scriptversion"1.7";...

KB4056897: Windows 7 and Windows Server 2008 R2 January 2018 Security Update (Meltdown)(Spectre)

The remote Windows host is missing security update 4056897 or cumulative update 4056894. It is, therefore, affected by multiple vulnerabilities : - An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker with local...

WEBGATE ActiveX Controls Multiple Buffer Overflows

The remote host contains one or more of the following WEBGATE ActiveX controls : - Control Center : - FileConverter.FileConverterCtrl.1 - LoginContoller.LoginControllerCtrl.1 - WESPDiscovery.WESPDiscoveryCtrl.1 - WESPPlayback.WESPPlaybackCtrl.1 - eDVR Manager : - WESPDiscovery.WESPDiscoveryCtrl.1...

KB5003635: Windows 10 version 1909 Security Update (June 2021)

The remote Windows host is missing security update 5003635. It is, therefore, affected by multiple vulnerabilities %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Microsoft Security Updates API. The text itself is...

MS KB2962393: Update for Vulnerability in Juniper Networks Windows In-Box Junos Pulse Client (Heartbleed)

The remote host is missing KB2962393, which resolves an OpenSSL information disclosure vulnerability Heartbleed in the Juniper VPN client software shipped with Windows 8.1. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid73865; scriptversion"1.17";...

Apache OFBiz Default Credentials

Nessus was able to login to the remote Apache OFBiz application by providing default credentials. A remote attacker can exploit this issue to perform administrative actions. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

r57shell Backdoor Detection

At least one instance of r57shell is hosted on the remote web server. This is a PHP script that acts as a backdoor and provides a convenient set of tools for attacking the affected host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Web Application Potentially Sensitive CGI Parameter Detection

According to their names, some CGI parameters may control sensitive data e.g., ID, privileges, commands, prices, credit card data, etc.. In the course of using an application, these variables may disclose sensitive data or be prone to tampering that could result in privilege escalation. These...

Microsoft SQL Server Default Credentials (PCI wordlist)

The SQL Server has a common password for one or more accounts. These accounts may be used to gain access to the records in the database or even allow remote command execution. TRUSTED...

Microsoft Access Unsupported Version Detection

According to its self-reported version number, the installation of Microsoft Access on the remote Windows host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities...

Samba 3.x < 4.2.10 / 4.2.x < 4.2.10 / 4.3.x < 4.3.7 / 4.4.x < 4.4.1 Multiple Vulnerabilities (Badlock)

The version of Samba running on the remote host is 3.x or 4.2.x prior to 4.2.10, 4.3.x prior to 4.3.7, or 4.4.x prior to 4.4.1. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the DCE-RPC client when handling specially crafted DCE-RPC packets. A man-in-the-middle MitM...

Oracle Java SE Multiple Vulnerabilities (October 2018 CPU)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 11 Update 1, 8 Update 191, 7 Update 201, or 6 Update 211. It is, therefore, affected by multiple vulnerabilities related to the following components : - An unspecified vulnerability in the Jav...

Oracle TNS Listener VSNNUM Version Remote Information Disclosure

It was possible to extract the version number of the remote Oracle TNS Transparent Network Substrate listener remotely by sending an unauthenticated request to the TNS listener service operating on this port. This information could aid an attacker. Note that the version of the TNS listener does n...

Windows Server 2012 June 2017 Security Updates

The remote Windows host is missing security update 4022718 or cumulative update 4022724. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in Windows Hyper-V instruction emulation due to a failure to properly enforce privilege levels. An...

MS14-026: Vulnerability in .NET Framework Could Allow Elevation of Privilege (2958732)

The remote Windows host has a version of the Microsoft .NET Framework that is affected by a privilege escalation vulnerability due to the way that .NET Framework handles TypeFilterLevel checks for some malformed objects. Note that this vulnerability only affects applications that use .NET Remotin...

PostgreSQL Server Detection

The remote service is a PostgreSQL database server, or a derivative such as EnterpriseDB. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid26024; scriptversion"1.25"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/09/24"; scriptnameenglish:"PostgreSQ...

Azul Zulu Java Multiple Vulnerabilities (2022-07-19)

The version of Azul Zulu installed on the remote host is prior to 6 6.49 / 7 7.55 / 8 8.63 / 11 11.57 / 13 13.49 / 15 15.41 / 17 17.35 / 18 18.32. It is, therefore, affected by multiple vulnerabilities as referenced in the 2022-07-19 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM...

IBM BigFix Platform 9.2.x < 9.2.15 / 9.5.x < 9.5.10 Multiple Vulnerabilities

According to its self-reported version, the IBM BigFix Platform application running on the remote host is 9.2.x prior to 9.2.15, or 9.5.x prior to 9.5.10. It is, therefore, affected by multiple vulnerabilities : - IBM BigFix Platform is vulnerable to HTTP response splitting attacks, caused by...

HP StorageWorks MSA P2000 Hidden 'admin' User Default Credentials

The remote device appears to be a HP StorageWorks MSA P2000 series. There is a hidden, undocumented account named 'admin' secured with a default password of '!admin'. A remote attacker can exploit this to gain privileged access to the management interface. TRUSTED...

Oracle Java SE Multiple Vulnerabilities (January 2024 CPU)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is affected by multiple vulnerabilities as referenced in the January 2024 CPU advisory: - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle...

Pulse Connect Secure Multiple Vulnerabilities (SA43730)

According to its self-reported version, the version of Pulse Connect Secure running on the remote host is affected by multiple vulnerabilities. Refer to the vendor advisory for additional information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...