337440 matches found
VNC Security Type Enforcement Failure Remote Authentication Bypass
The version of VNC server running on the remote host is affected by the following vulnerabilities : - A flaw exists in RealVNC due to an error when handling password authentication. A remote attacker can exploit this to bypass authentication by using a specially crafted request in which the clien...
Python Library Certifi < 2024.07.04 Untrusted Root Certificate
The detected version of Certifi python package, certifi, is prior to version 2024.07.04. Therefore, it contains untrusted root certificates from GLOBALTRUST. An unauthenticated, remote attacker can exploit this to gain arbitrary permissions within the application. Note that Nessus has not tested...
Microsoft Exchange Server Elevation of Privilege Vulnerability (November 2018)
The Microsoft Exchange install on the remote host contains an unspecified flaw that allows an authenticated, man-in-the-middle attacker to impersonate another user and escalate privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ...
Default Password '888888' for '888888' Account
The account '888888' on the remote host has the default password '888888'. A remote attacker can exploit this issue to gain administrative access to the affected system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "888888"; password = "888888"; include'deprecatednasllevel.inc';...
TCP/IP Timestamps Supported
The remote host implements TCP timestamps, as defined by RFC1323. A side effect of this feature is that the uptime of the remote host can sometimes be computed. TRUSTED...
Microsoft IIS Potentially Compromised Host Detection
One or more files were found on this host that indicate a possible compromise. %NASLMINLEVEL 70300 This script was written by H D Moore ... and hacked by Tenable Network Security to avoid false positive. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid11003;...
Ubuntu 24.04 LTS. : Apache HTTP Server vulnerabilities (USN-6729-3)
The remote Ubuntu 24.04 LTS. host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6729-3 advisory. USN-6729-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding updates for Ubuntu 24.04 LTS. Tenable has extracted the...
KB5013945: Windows 10 version 1909 Security Update (May 2022)
The remote Windows host is missing security update 5013945. It is, therefore, affected by multiple vulnerabilities - Windows LDAP Remote Code Execution Vulnerability CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137,...
Amazon Corretto Java 11.x < 11.0.15.9.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is prior to 11 11.0.15.9.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-11-2022-Apr-19 advisory. - xml/jaxp CVE-2022-21426 - core-libs/java.lang CVE-2022-21434 - security-libs/java.security...
SUSE SLES15 Security Update : log4j (SUSE-SU-2021:4111-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:4111-1 advisory. - JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration...
Oracle WebLogic Server Multiple Vulnerabilities (Apr 2021 CPU)
The version of WebLogic Server installed on the remote host is affected by multiple vulnerabilities as referenced in the April 2021 CPU advisory. - An unspecified vulnerability exists in the Coherence Container component. Easily exploitable vulnerability allows unauthenticated attacker with netwo...
CentOS 4 : firefox (CESA-2010:0808)
An updated firefox package that fixes one security issue is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Oracle 9iAS Default SOAP Configuration Unauthorized Application Deployment
In a default installation of Oracle 9iAS v.1.0.2.2, it is possible to deploy or undeploy SOAP services without the need of any kind of credentials. This is due to SOAP being enabled by default after installation in order to provide a convenient way to use SOAP samples. However, this feature poses...
Apache Tomcat 8.0.0.RC1 < 8.0.47
The version of Tomcat installed on the remote host is prior to 8.0.47. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat8.0.47security-8 advisory. - When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81...
CentOS 7 : ModemManager / NetworkManager / NetworkManager-libreswan / network-manager-applet (CESA-2015:2315)
Updated NetworkManager packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which...
Apache Tomcat 9.0.0.M1 < 9.0.86 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 9.0.86. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat9.0.86security-9 advisory. - Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket...
WSO2 Multiple Products File Upload Remote Command Execution (CVE-2022-29464)
Binary data wso2CVE-2022-29464.nbin...
Apache Shiro Default Cipher Key (CVE-2016-4437)
Binary data apacheshirocve-2016-4437.nbin...
IBM DB2 9.7 < 9.7 / 10.1 < 10.1 / 10.5 < 10.5 / 11.1 < 11.1.4 / 11.5 < 11.5.6 Multiple Vulnerabilities (Windows)
According to its self-reported version number, IBM Db2 is affected by multiple vulnerabilities: - IBM Db2 for Linux, UNIX and Windows could allow an unauthenticated attacker to cause a denial of service due to a specific circumstance of a table being dropped while being accessed in another sessio...
KB4457146: Security update for Adobe Flash Player (September 2018)
The remote Windows host is missing security update KB4457146. It is, therefore, affected by an information disclosure vulnerability in Adobe Flash Player. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid117419; scriptversion"1.8"; scriptcvsdate"Date: 2019/11/01";...
VMware vCenter Server 5.5.x / 6.0.x / 6.5.x / 6.7.x Speculative Execution Side Channel Vulnerability (Foreshadow) (VMSA-2018-0020)
The version of VMware vCenter Server installed on the remote host is 5.5.x prior to 5.5u3j, 6.0.x prior to 6.0u3h, 6.5.x prior to 6.5u2c, or 6.7.x prior to 6.7.0d. It is, therefore, affected by a speculative execution side channel attack known as L1 Terminal Fault L1TF. An attacker who successful...
CentOS 6 : kernel (CESA-2017:0036)
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:2912-1)
The SUSE Linux Enterprise 12 kernel was updated to 3.12.67 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2016-7042: The prockeysshow function in security/keys/proc.c in the Linux kernel used an incorrect buffer size for certain timeout data, which allowe...
PHP 5.4.x < 5.4.36 'process_nested_data' RCE
According to its banner, the version of PHP 5.4.x installed on the remote host is prior to 5.4.36. It is, therefore, affected by a use-after-free error in the 'processnesteddata' function within 'ext/standard/varunserializer.re' due to improper handling of duplicate keys within the serialized...
McAfee Web Gateway Multiple OpenSSL Vulnerabilities (SB10075)
The remote host is running a version of McAfee Web Gateway MWG that is affected by multiple vulnerabilities due to flaws in the OpenSSL library : - An error exists in the function 'ssl3readbytes' that could allow data to be injected into other sessions or allow denial of service attacks. Note thi...
IBM Domino 9.x < 9.0.1 Fix Pack 1 Multiple Vulnerabilities (uncredentialed check)
According to its version, the IBM Domino formerly IBM Lotus Domino on the remote host is 9.x prior to 9.0.1 Fix Pack 1 FP1. It is, therefore, affected by the following vulnerabilities : - A stack overflow issue exists due to the insecure '-z execstack' flag being used during compilation, which...
Scrutinizer Default Credentials Check
The Scrutinizer install on the remote host is using default credentials for the 'admin' user. Using these credentials, it is possible to login and gain access to the back end administrative interface. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
HP-UX PHSS_31066 : HP-UX Running Serviceguard, Remote Increase in Privilege (HPSBUX01080 SSRT3526 rev.2)
s700800 11.X Cluster Object Manager B.01.04.01 : A potential security vulnerability has been identified with HP Serviceguard running on HP-UX and Linux that may allow remote unauthorized privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this...
CentOS 7 : httpd (RHSA-2022:0143)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0143 advisory. - In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow CVE-2021-26691 ...
Oracle Fusion Middleware Oracle HTTP Server (Oct 2020 CPU)
The version of Oracle HTTP Server installed on the remote host is affected by the following vulnerabilities as referenced in the October 2020 CPU advisory: - A denial of service DoS vulnerability exists in the SSL Module OpenSSL. An unauthenticated, remote attacker with network access via HTTPS,...
ESXi 6.5 / 6.7 XSS (VMSA-2020-0008)
The remote VMware ESXi host is version 6.5 or 6.7 and is affected by a cross-site scripting XSS vulnerability in virtual machine attributes due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker with access to modify the system properties...
AT&T U-verse Arris Modems NVG589 / NVG599 / 5268AC Multiple Vulnerabilities (SharknATTo)
The remote Arris device's self report model is NVG589, NVG599 or 5268AC. It is, therefor, affected by multiple vulnerabilities, including a firewall bypass, multiple instances of hardcoded credentials, privilege escalation, and remote code execution. Note: Nessus has not checked the firmware...
KB4022714: Windows 10 Version 1511 June 2017 Cumulative Update
The remote Windows 10 version 1511 host is missing security update KB4022714. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in Windows Hyper-V instruction emulation due to a failure to properly enforce privilege levels. An attacker on a...
MS16-070: Security Update for Microsoft Office (3163610)
The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities in Microsoft Office : - Multiple remote code execution vulnerabilities exist due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit these by...
SuperMicro Device Uses Default SSH Host Key
The SSH host key used by the remote host has not been changed from the default host key that is hardwired into the firmware. The private key corresponding to this host key is shared across all devices running the same firmware, meaning that the remote host's key certificate cannot be trusted...
RHEL 4 : mysql (RHSA-2008:0768)
Updated mysql packages that fix various security issues, several bugs, and add an enhancement are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database...
Web Server /cgi-bin Shell Access
The remote web server has one of these shells installed in /cgi-bin : ash, bash, csh, ksh, sh, tcsh, zsh Leaving executable shells in the cgi-bin directory of a web server may allow an attacker to execute arbitrary commands on the target machine with the privileges of the HTTP daemon. %NASLMINLEV...
PHP 8.1.x < 8.1.0 Multiple Vulnerabilities
The version of PHP installed on the remote host is prior to 8.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.1.0 advisory. - In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main...
RHEL 7 : kernel (RHSA-2021:2314)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2314 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Integer overflow in IntelR...
Security Update for Microsoft ASP.NET Core (January 2020)
The Microsoft ASP.NET Core installation on the remote host is version 2.1.x 2.1.15, 3.0.x 3.0.2, or 3.1.x 3.1.1. It is, therefore, affected by multiple vulnerabilities: - A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully...
Do not scan operational technology devices
The remote host appears to be operational technology device. Such devices often react very poorly when scanned. To avoid problems, Nessus will not continue to scan this device unless the scan policy is configured to scan OT devices. If you would like to safely assess security vulnerabilities on...
Contenido contenido/classes/class.inuse.php Multiple Parameter Remote File Inclusion
The remote host appears to be running Contenido, an open source content management system written in PHP. The version of Contenido installed on the remote host fails to sanitize input to the 'cfgpathcontenido' and 'cfgpathclasses' parameters of the 'contenido/classes/class.inuse.php' script befor...
LiteServe HTTP Service Malformed URL Decoding Remote DoS
The remote web server does not respond after it receives a URL consisting of a long string of '%' characters. Note that if the web server is protected with some sort of Intrusion Prevention Systems IPS, this may be a false-positive. C Tenable Network Security, Inc. Affected: Webseal 3.8 unconfirm...
TencentOS Server 3: cryptsetup (TSSA-2022:0008)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0008 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
WordPress 6.1.x < 6.1.7 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A Cross-Site Scripting XSS vulnerability affecting the HTML API. - A Cross-Site Scripting XSS vulnerability affecting the Template Part block. - A path traversal issue...
Amazon Linux 2 : kernel, --advisory ALAS2-2022-1838 (ALAS-2022-1838)
The version of kernel installed on the remote host is prior to 4.14.291-218.527. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1838 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the...
CentOS 7 : kernel (RHSA-2021:2725)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2725 advisory. - An issue was discovered in the Linux kernel before 5.2.6. On NUMA systems, the Linux fair scheduler has a use-after-free in shownumastats because NUM...
SUSE SLES11 Security Update : openssl1 (SUSE-SU-2020:14560-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2020:14560-1 advisory. - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL...
Amazon Linux 2 : python3 (ALAS-2020-1484)
The version of python3 installed on the remote host is prior to 3.7.9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1484 advisory. Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes,...
Apache 2.4.x < 2.4.39 Multiple Vulnerabilities
According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.39. It is, therefore, affected by multiple vulnerabilities: - A privilege escalation vulnerability exists in module scripts due to an ability to execute arbitrary code as the parent process by...