338622 matches found
CentOS 7 : kernel (RHSA-2022:0620)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0620 advisory. - In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of...
iLO 4 < 2.70 / iLO 5 < 1.40a Multiple Vulnerabilities
According to its self-reported version, the HP Integrated Lights-Out server running on the remote host is prior to 2.70 / 1.40a for iLO 4 / iLO 5 respectively. It is, therefore, affected by multiple vulnerabilities: - A cross-site scripting XSS vulnerability exists due to improper validation of...
Security Update for Microsoft Office Products (July 2017)
The Microsoft Office application, Microsoft Office Compatibility Pack, or Microsoft Excel Viewer installed on the remote Windows host is missing a security update. It is, therefore, affected by multiple remote code execution vulnerabilities due to improper handling of objects in memory. An...
CentOS 7 : kernel (CESA-2017:0086)
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Portable phpMyAdmin Plugin for WordPress 'wp-pma-mod' Authentication Bypass
The Portable phpMyAdmin Plugin for WordPress installed on the remote host is affected by an authentication bypass vulnerability because the /wp-pma-mod/ path fails to properly authorize users. his may allow an attacker to bypass access restrictions and gain access to the administrative console to...
Software Enumeration (SSH)
Nessus was able to list the software installed on the remote host by calling the appropriate command e.g., 'rpm -qa' on RPM-based Linux distributions, qpkg, dpkg, etc.. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description...
Linux Multiple statd Packages Remote Format String
The remote statd service could be brought down with a format string attack - it now needs to be restarted manually. This means that an attacker may execute arbitrary code thanks to a bug in this daemon. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10544;...
AIX 7.1 TL 4 : tcpdump (IV94726)
Vulnerabilities in tcpdump affect AIX : https://vulners.com/cve/CVE-2017-12993 https://vulners.com/cve/CVE-2017-12993 tcpdump could allow a remote attacker to obtain sensitive information, caused by a buffer overread memory in the Juniper component. By sending a specially crafted request, an...
CentOS 7 : log4j (RHSA-2022:0442)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0442 advisory. - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration...
SAP BusinessObjects Business Intelligence Platform SSRF Vulnerability (direct check)
Binary data sapbusinessobjectsintelligenceplatformcve-2020-6308.nbin...
WordPress 5.7.x < 5.7.9 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A directory traversal via wplang. CVE-2023-2745 - A Cross-Site Request Forgery CSRF via wpajaxsetattachmentthumbnail. - An authenticated stored Cross-Site Scripting XSS vi...
Oracle Linux 8 : openssl (ELSA-2022-9233)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9233 advisory. 1:1.1.1k-5.0.1 - fix CVE-2022-0778 - possible infinite loop in BNmodsqrt Orabug: 33974871 Tenable has extracted the preceding description block directly from th...
KB5003638: Windows 10 version 1607 / Windows Server 2016 Security Update (June 2021)
The remote Windows host is missing security update 5003638. It is, therefore, affected by multiple vulnerabilities %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Microsoft Security Updates API. The text itself is...
ONVIF Camera Snapshot
Nessus was able to acquire a snapshot from the remote camera using the GetProfiles and GetSnapshotUri ONVIF requests. include"compat.inc"; if description scriptid103867; scriptversion"$Revision: 1.3 $"; scriptcvsdate"$Date: 2017/11/15 18:01:11 $"; scriptnameenglish:"ONVIF Camera Snapshot";...
Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Multiple Vulnerabilities (cisco-sa-sb-rv-rce-overflow-ygHByAK)
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
Kerio Connect 8.2.x < 8.2.4 Heartbeat Information Disclosure (Heartbleed)
According to its banner, the remote host is running a version of Kerio Connect formerly Kerio MailServer version 8.2.x prior to 8.2.4. It is, therefore, affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS...
Microsoft Visual Studio Team Foundation Server / Azure DevOps Server Detection
The remote host is running Microsoft Visual Studio Team Foundation Server or Azure DevOps Server. This software is a suite of tools for collaborative software development. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description...
GLSA-200612-11 : AMD64 x86 emulation base libraries: OpenSSL multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200612-11 AMD64 x86 emulation base libraries: OpenSSL multiple vulnerabilities Tavis Ormandy and Will Drewry, both of the Google Security Team, discovered that the SSLgetsharedciphers function contains a buffer overflow...
PostNuke < 0.7.2.3 Multiple Script XSS
The remote host is running a version of PostNuke that is vulnerable to various cross-site scripting attacks. An attacker may use these flaws to steal the cookies of the legitimate users of this website. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Apache HTTP Server regression (USN-6885-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6885-2 advisory. USN-6885-1 fixed vulnerabilities in Apache HTTP Server. One of the security fixes introduced a regression when proxying requests to a HTTP...
Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Malicious Software Removal Tool MSRT improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to...
KB4343896: Windows Server 2012 August 2018 Security Update (Foreshadow)
The remote Windows host is missing security update 4343896 or cumulative update 4343901. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a...
Oracle WebLogic Server Multiple Vulnerabilities (July 2016 CPU)
The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities : - An unspecified flaw exists in the Web Container subcomponent that allows an unauthenticated, remote attacker to cause a denial of service condition. CVE-2016-3445 - An unspecified flaw...
Oracle WebLogic UDDI Explorer Unspecified Vulnerability (CVE-2008-2581)
According to its self-reported banner, the version of Oracle WebLogic Server running on the remote host is affected by an unspecified vulnerability in the UDDI Explorer component that could be exploited remotely. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc...
MySQL Anonymous Login Handshake Remote Information Disclosure
The MySQL database server on the remote host reads from uninitialized memory when processing a specially crafted login packet. An unauthenticated attacker may be able to exploit this flaw to obtain sensitive information from the affected host as returned in an error packet. %NASLMINLEVEL 70300 C...
CentOS 7 : grub2 (RHSA-2020:3217)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3217 advisory. - A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw...
HP LoadRunner 11.52.x < 11.52 Patch 2 / 12.00.x < 12.00 Patch 1 Heartbeat Information Disclosure (Heartbleed)
The version of HP LoadRunner installed on the remote host is 11.52.x prior to 11.52 Patch 2 or 12.00.x prior to 12.00 Patch 1. It is, therefore, affected by an out-of-bounds read error, known as the 'Heartbleed Bug' in the included OpenSSL version. This error is related to handling TLS heartbeat...
Default Password 'admin123' for 'admin' Account
The account 'admin' on the remote host has the default password 'admin123'. A remote attacker can exploit this issue to gain administrative access to the affected system. TRUSTED...
HP Integrated Lights-Out (iLO) Detection
The remote host is an HP Integrated Lights-Out iLO server. These servers are embedded systems integrated into HP ProLiant servers for the purpose of out-of-band management. TRUSTED...
Cisco IOS TFTP File Disclosure
The remote host has a TFTP server installed that is serving one or more Cisco IOS files. These files may contain passwords and other sensitive information. A remote attacker could use this information to mount further attacks. %NASLMINLEVEL 70300 This NASL script was written by Martin O'Neal of...
HTTP URI Handling Format String
The remote web server seems to be vulnerable to a format string attack on the URI. An attacker might use this flaw to make it crash or even execute arbitrary code on this host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid15640; scriptversion"$Revision: 1.19 $";...
Open Port Re-check
One of several ports that were previously open are now closed or unresponsive. There are several possible reasons for this : - The scan may have caused a service to freeze or stop running. - An administrator may have stopped a particular service during the scanning process. This might be an...
RHEL 6 : kernel (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kernel: Buffer overflow due to unbounded strcpy in ISDN I4L driver CVE-2017-12762 - kernel: lack of port...
Apache 2.4.x < 2.4.56 Multiple Vulnerabilities
The version of Apache httpd installed on the remote host is prior to 2.4.56. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.56 advisory. - HTTP request splitting with modrewrite and modproxy: Some modproxy configurations on Apache HTTP Server versions 2.4.0 throug...
Network Time Protocol Daemon (ntpd) 4.x < 4.2.8p10 Multiple Vulnerabilities
The version of the remote NTP server is 4.x prior to 4.2.8p10. It is, therefore, affected by the following vulnerabilities : - A denial of service vulnerability exists in the receive function within file ntpd/ntpproto.c due to the expected origin timestamp being cleared when a packet with a zero...
Bugzilla show_bug.cgi id Parameter XSS
The version of Bugzilla installed on the remote host is affected by a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input to the 'id' parameter of the 'showbug.cgi' script. An attacker may be able to leverage this to inject arbitrary HTML and script code...
Citrix MetaFrame XP login.asp NFuse_Message Parameter XSS
The remote server is running a Citrix Web Interface server that is vulnerable to cross-site scripting. When a user fails to authenticate, the Citrix Web Interface includes the error message text in the URL. The error message can be tampered with to perform a cross-site scripting attack...
libcurl 7.32.0 < 8.9.1 DoS (CVE-2024-7264)
The version of libcurl installed on the remote host is between 7.32.0 and prior to 8.9.1. It is, therefore, affected by a denial of service DoS vulnerability. libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorre...
Security Updates for Microsoft Office Products (November 2019)
The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited...
Oracle GlassFish Server 3.1.2.x < 3.1.2.17 Java Server Faces Information Disclosure (April 2017 CPU)
According to its self-reported version, the Oracle GlassFish Server running on the remote host is 3.1.2.x prior to 3.1.2.17. It is, therefore, affected by an unspecified flaw in the Java Server Faces subcomponent that allows an unauthenticated, remote attacker to disclose potentially sensitive...
Joomla! User-Agent Object Injection RCE
The Joomla! application running on the remote web server is affected by a remote code execution vulnerability due to improper sanitization of the User-Agent header field when saving session values. An unauthenticated, remote attacker can exploit this, via a serialized PHP object, to execute...
Oracle Database Server (Apr 2024 CPU)
The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory. - Vulnerability in the RDBMS Python component of Oracle Database Server. Supported versions that are affected are 21.3-21.13. Easily exploitab...
KB5014678: Windows Server 2022 Security Update (June 2022)
The remote Windows host is missing security update 5014678. It is, therefore, affected by multiple vulnerabilities - Windows Kerberos Elevation of Privilege Vulnerability CVE-2022-30165 - Windows Lightweight Directory Access Protocol LDAP Remote Code Execution Vulnerability CVE-2022-30139,...
ArubaOS-Switch DoS (ARUBA-PSA-2021-002)
A security vulnerability has been identified in certain HPE and Aruba L2/L3 switch firmware. A data processing error due to improper handling of an unexpected data type in user supplied information to the switch's management interface has been identified. The data processing error could be...
PHP 5.6.x < 5.6.34 Stack Buffer Overflow
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.34. It is, therefore, affected by a stack buffer overflow vulnerability. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
DNN (DotNetNuke) < 7.4.1 Administration Authentication Bypass Vulnerability
The version of DNN formerly DotNetNuke running on the remote web server is prior to 7.4.1. It is, therefore, affected by an authentication bypass vulnerability due to a failure to delete installation wizard scripts post-installation. An unauthenticated, remote attacker can exploit this, via a...
MS KB3065823: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
The remote Windows host is missing KB3065823. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists that allows an attacker to guess the address for the Flash heap. CVE-2015-3097 - Multiple heap-based buffer overflow vulnerabilities exist that...
MS11-061: Vulnerability in Remote Desktop Web Access Could Allow Elevation of Privilege (2546250)
The version of Remote Desktop Web Access running on the remote host has a reflected cross-site scripting vulnerability. Input to the 'ReturnUrl' parameter of login.aspx is not properly sanitized. A remote attacker could exploit this by tricking a user into requesting a maliciously crafted URL,...
Firebird Default Credentials
The version of Firebird on the remote host uses default credentials to control access. Knowing these, an attacker can gain administrative access to the affected application. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
PHP < 4.4.5 Multiple Vulnerabilities
According to its banner, the version of PHP installed on the remote host is older than 4.4.5. Such versions may be affected by several issues, including buffer overflows, format string vulnerabilities, arbitrary code execution, 'safemode' and 'openbasedir' bypasses, and clobbering of super-global...