337440 matches found
OS Identification : NETCONF Over SSH
The remote host is using the NETCONF protocol over SSH. The NETCONF protocol is used to manage network devices. It may be possible to determine the operating system name and version by using the SSH credentials provided in the scan policy. TRUSTED...
XoopsGallery init_basic.php GALLERY_BASEDIR Parameter Remote File Inclusion
The remote host is running XoopsGallery, a third-party module for Xoops. The version of XoopsGallery installed on the remote host fails to sanitize user-supplied input to the 'GALLERYBASEDIR' parameter of the 'modules/xoopsgallery/initbasic.php' script before using it to include PHP code. Provide...
CentOS 7 : sudo (RHSA-2023:0291)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0291 advisory. - In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user- provided environment variables SUDOEDITOR, VISUAL, and...
Python Buffer Overflow (CVE-2021-3177)
The version of Python installed on the remote Windows host is potentially affected by a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300...
Oracle Java SE Multiple Vulnerabilities (April 2015 CPU) (FREAK)
The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 8 Update 45, 7 Update 79, 6 Update 95, or 5 Update 85. It is, therefore, affected by security vulnerabilities in the following components : - 2D - Beans - Deployment - Hotspot - JavaFX - JCE -...
Apache 2.4.x < 2.4.12 Multiple Vulnerabilities
According to its banner, the version of Apache 2.4.x running on the remote host is prior to 2.4.12. It is, therefore, affected by the following vulnerabilities : - A flaw exists in module modheaders that can allow HTTP trailers to replace HTTP headers late during request processing, which a remot...
Fortinet OpenSSL Information Disclosure (Heartbleed)
The firmware of the remote Fortinet host is running a version of OpenSSL that is affected by a remote information disclosure, commonly known as the 'Heartbleed' bug. A remote, unauthenticated, attacker could potentially exploit this vulnerability to extract up to 64 kilobytes of memory per reques...
BoastMachine <= 3.1 'mail.php' id Parameter SQL Injection
Binary data 4348.prm...
KB4534309: Windows 8.1 and Windows Server 2012 R2 January 2020 Security Update
The remote Windows host is missing security update 4534309 or cumulative update 4534297. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully...
Oracle WebLogic Server Multiple Vulnerabilities (Jul 2019 CPU)
The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities: - An unspecified vulnerability allows a remote unauthenticated attacker with network access to compromise and takeover the StorageTek Tape Analytics SW Tool. CVE-2019-2725 CVE-2019-2729 - A...
Drupal 8.0.x < 8.5.1 Remote Code Execution Vulnerability
According to its self-reported version number, the detected Drupal application is affected by a remote code execution vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...
Spring Framework < 4.3.16 / 5.0.x < 5.0.5 Remote Code Execution with spring-messaging (CVE-2018-1270)
The remote host contains a Spring Framework library version that is 4.3.x prior to 4.3.16 or 5.0.x prior to 5.0.5. It is, therefore, affected by a remote code execution vulnerability. An unauthenticated, remote attacker can exploit this, by sending a special craft message to the broker that can...
Oracle GlassFish Server Path Traversal
The instance of Oracle GlassFish Server running on the remote host is affected by an authenticated and unauthenticated path traversal vulnerability. Remote attacker can exploit this issue, via a specially crafted HTTP request, to access arbitrary files on the remote host. C Tenable Network...
Postfix 2.x Mail Message Date Field RCE (ENTERSEED)
According to its banner, the Postfix mail server running on the remote host is version 2.x from 2.0.8 to 2.1.5 inclusively. It is, therefore, affected by a remote code execution vulnerability due to improper sanitization of the email date field. An unauthenticated, remote attacker can exploit thi...
Windows Server 2012 April 2017 Security Updates (Petya)
The remote Windows host is missing security update 4015548 or cumulative update 4015551. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the open-source libjpeg image processing library due to improper handling of objects in memory. An...
Amazon Linux AMI : libproxy (ALAS-2012-140)
A buffer overflow flaw was found in the way libproxy handled the downloading of proxy auto-configuration PAC files. A malicious server hosting a PAC file or a man-in-the-middle attacker could use this flaw to cause an application using libproxy to crash or, possibly, execute arbitrary code, if th...
Microsoft Windows Installed Software Enumeration (credentialed check)
This plugin lists software potentially installed on the remote host by crawling the registry entries in : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall HKLM\SOFTWARE\Microsoft\Updates Note that these entries do not necessarily mean the applications are actually installed on the remote...
KB5025221: Windows 10 Version 20H2 / Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (April 2023)
The remote Windows host is missing security update 5025221. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2023-28275 - Windows Pragmatic General Multicast PGM Remote Code Execution Vulnerability...
KB4338824: Windows 8.1 and Windows Server 2012 R2 July 2018 Security Update
The remote Windows host is missing security update 4338824 or cumulative update 4338815. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level. CVE-2018-8202 - A...
macOS 10.13.x < 10.13.2 Multiple Vulnerabilities (Meltdown)
The remote host is running a version of Mac OS X that is 10.13.x prior to 10.13.2. It is, therefore, affected by multiple vulnerabilities in the following components : - apache - curl - Directory Utility - IOAcceleratorFamily - IOKit - Intel Graphics Driver - Kernel - Mail - Mail Drafts - OpenSSL...
Oracle RDBMS Patchset Out of Date (credentialed check)
The version of Oracle Database server installed on the remote host is an unsupported patchset level. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid72982; scriptversion"1.6";...
Security Updates for Microsoft SQL Server Elevation of Privilege (September 2024)
The Microsoft SQL Server installation on the remote host is missing a security update. It is affected by the following vulnerabilities: - An elevation of privilege vulnerability. An authenticated, remote attacker can exploit this issue, to gain elevated privileges. CVE-2024-37341, CVE-2024-37965,...
F5 Networks BIG-IP : Apache Range header vulnerability (K13114)
The byte-range filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial-of-service memory and CPU consumption using a Range header that expresses multiple overlapping ranges. When this vulnerability is exploited, the httpd...
RHEL 8 : kernel (RHSA-2024:7000)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:7000 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: CVE-2023-6040 CVE-2024-26595...
WordPress 4.9.x < 4.9.26 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A Cross-Site Scripting XSS vulnerability affecting the HTML API. - A Cross-Site Scripting XSS vulnerability affecting the Template Part block. - A path traversal issue...
KB5013941: Windows 10 version 1809 / Windows Server 2019 Security Update (May 2022)
The remote Windows host is missing security update 5013941. It is, therefore, affected by multiple vulnerabilities - Windows LDAP Remote Code Execution Vulnerability CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137,...
OpenJDK 7 <= 7u301 / 8 <= 8u292 / 11.0.0 <= 11.0.11 / 13.0.0 <= 13.0.7 / 15.0.0 <= 15.0.3 / 16.0.0 <= 16.0.1 Multiple Vulnerabilities (2021-07-20)
The version of OpenJDK installed on the remote host is prior to 7 = 7u301 / 8 = 8u292 / 11.0.0 = 11.0.11 / 13.0.0 = 13.0.7 / 15.0.0 = 15.0.3 / 16.0.0 = 16.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021-07-20 advisory. Note that Nessus has not tested for this...
Microsoft Windows 7 / Server 2008 R2 Unsupported Version Detection
Microsoft Windows 7 or Server 2008 R2 is running on the remote host. Microsoft ended support for Windows 7 and Server 2008 R2 on 1/14/2020. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security...
RHEL 6 / 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.29 (RHSA-2019:0367)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0367 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3595)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3595 advisory. - ALSA: timer: Fix missing queue indices reset at SNDRVTIMERIOCTLSELECT Takashi Iwai Orabug: 26403952 CVE-2017-1000380 - ALSA: timer: Fix race...
Mozilla Firefox < 49.0 Multiple Vulnerabilities (Mac OS X)
The version of Mozilla Firefox installed on the remote Mac OS X host is prior to 49.0. It is, therefore, affected by multiple vulnerabilities : - An out-of-bounds read error exists within file dom/security/nsCSPParser.cpp when handling content security policies CSP containing empty referrer...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : nginx vulnerability (USN-7014-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7014-1 advisory. It was discovered that the nginx ngxhttpmp4 module incorrectly handled certain malformed mp4 files. In environments where the mp4 directiv...
KB5028169: Windows 10 Version 1607 and Windows Server 2016 Security Update (July 2023)
The remote Windows host is missing security update 5028169. It is, therefore, affected by multiple vulnerabilities - Windows Routing and Remote Access Service RRAS Remote Code Execution Vulnerability CVE-2023-35365, CVE-2023-35366, CVE-2023-35367 - Windows Netlogon Information Disclosure...
Potentially Dangerous PATH Variables
Binary data dangerouspaths.nbin...
CentOS 7 : openssh (CESA-2016:0043)
Updated openssh packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for...
Splunk Universal Forwarder 9.0.0 < 9.0.9, 9.1.0 < 9.1.4, 9.2.0 < 9.2.1 (SVD-2024-0304)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0304 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
MySQL 8.0.x < 8.0.20 Multiple Vulnerabilities (Apr 2020 CPU)
The version of MySQL running on the remote host is 8.0.x prior to 8.0.20. It is, therefore, affected by multiple vulnerabilities, including the following, as noted in the April 2020 Critical Patch Update advisory: - Vulnerability in the MySQL Server product of Oracle MySQL component: Server:...
Oracle WebLogic Server Multiple Vulnerabilities (Jan 2020 CPU)
The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities: - An unspecified vulnerability in the Third Party Tools Bouncy Castle Java Library component of Oracle WebLogic Server. An unauthenticated attacker with network access via HTTPS could explo...
RHEL 7 : GNOME (RHSA-2018:3140)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3140 advisory. GNOME is the default desktop environment of Red Hat Enterprise Linux. Security Fixes: libsoup: Crash in soupcookiejar.c:getcookies on empty...
RHEL 6 : kernel (RHSA-2018:0169)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0169 advisory. - kernel: Integer overflow in ip6find1stfragopt causes infinite loop CVE-2017-7542 - kernel: net: IPv6 fragmentation implementation of nexth...
Apache Tomcat 9.0.40 < 9.0.69
The version of Tomcat installed on the remote host is prior to 9.0.69. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.69security-9 advisory. - The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the...
NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Vulnerability (NS-SA-2021-0020)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by a vulnerability: - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a...
Red Hat curl local file overwrite (CVE-2020-8177) (deprecated)
This plugin has been deprecated by the RedHat distribution specific plugins 142705 and 142414. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2020/11/16. Deprecated by redhat-RHSA-2020-4599.nasl and redhat-RHSA-2020-5002.nasl. include'compat.inc'; if description scriptid138374;...
MariaDB 10.4.0 < 10.4.13 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 10.4.13. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.4.13 advisory. - libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from...
Debian DSA-3560-1 : php5 - security update
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.20, which includes additional bug fixes. Please refer to the upstream changelog for mor...
Debian DLA-63-1 : bash security update
Tavis Ormandy discovered that the patch applied to fix CVE-2014-6271 released in DSA-3032-1 for bash, the GNU Bourne-Again Shell, was incomplete and could still allow some characters to be injected into another environment CVE-2014-7169. With this update prefix and suffix for environment variable...
PHP 5.3.x < 5.3.28 Multiple OpenSSL Vulnerabilities
According to its banner, the version of PHP installed on the remote host is 5.3.x prior to 5.3.28. It is, therefore, potentially affected by the following vulnerabilities : - A flaw exists in the PHP OpenSSL extension's hostname identity check when handling certificates that contain hostnames wit...
WordPress 6.0.x < 6.0.9 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A Cross-Site Scripting XSS vulnerability affecting the HTML API. - A Cross-Site Scripting XSS vulnerability affecting the Template Part block. - A path traversal issue...
Security Updates for Microsoft Office Products C2R RCE (January 2024)
A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have acces...
Oracle Enterprise Manager Cloud Control (Jan 2022 CPU)
The 13.4.0.0 and 13.5.0.0 versions of Enterprise Manager Base Platform installed on the remote host are affected by a vulnerability as referenced in the January 2022 CPU advisory. - Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Policy...