Apache 2.4.x < 2.4.39 Multiple Vulnerabilities
According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.39. It is, therefore, affected by multiple vulnerabilities: - A privilege escalation vulnerability exists in module scripts due to an ability to execute arbitrary code as the parent process by...
Oracle Database Server Multiple Vulnerabilities (Jan 2019 CPU)
The remote Oracle Database Server is missing the January 2019 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities : - An authenticated remote database takeover vulnerability exists in the Oracle RDBMS. An authenticated, remote attacker with the Create Session, Execut...
Jenkins < 1.642.2 / 1.650 Java Object Deserialization RCE
The remote web server hosts a version of Jenkins or Jenkins Enterprise that is prior to 1.642.2 or 1.650. It is, therefore, affected by a Java deserialization vulnerability. An unauthenticated, remote attacker can exploit this, by deserializing specific java.rmi and sun.rmi objects, to start a JR...
RHEL 7 : kernel (RHSA-2014:0786)
Updated kernel packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base score...
Traceroute Information
Makes a traceroute to the remote host.
Drupal 9.5.x < 9.5.11 / 10.x < 10.0.11 / 10.1.x < 10.1.4 Drupal Vulnerability (SA-CORE-2023-006)
According to its self-reported version, the instance of Drupal running on the remote web server is 9.5.x prior to 9.5.11, 10.x prior to 10.0.11, or 10.1.x prior to 10.1.4. It is, therefore, affected by a vulnerability. - In certain scenarios, Drupal's JSON:API module will output error backtraces...
Windows Terminal RCE (CVE-2022-44702).
A remote code execution vulnerability exists in Windows Terminal. An unauthenticated, local attacker can exploit this to execute arbitrary commands. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
EulerOS Virtualization 2.9.0 : qemu (EulerOS-SA-2022-2213)
According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the...
AIX OpenSSL Advisory : openssl_advisory21.asc (SWEET32)
The version of OpenSSL installed on the remote AIX host is affected by the following vulnerabilities : - Multiple integer overflow conditions exist in s3_srvr.c, ssl_sess.c, and t1_lib.c due to improper use of pointer arithmetic for heap-buffer boundary checks. An unauthenticated, remote attacker ca...
Microsoft Visio Viewer SEoL
According to its self-reported version number, the installation of Microsoft Visio Viewer on the remote host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities...
Microsoft Windows 8 Unsupported Installation Detection
The remote host is running Microsoft Windows 8. Support for this operating system by Microsoft ended January 12th, 2016. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. Furthermore,...
CentOS 7 : kernel (RHSA-2023:1091)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1091 advisory. - mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse. CVE-2022-42703 - A stack overflow flaw was fou...
F5 Networks BIG-IP : iControl REST unauthenticated remote command execution vulnerability (K03009991)
The version of F5 Networks BIG-IP installed on the remote host is prior to 12.1.5.3 / 13.1.3.6 / 14.1.4 / 15.1.2.1 / 16.0.1.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K03009991 advisory. - On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1....
Amazon Linux 2 : kernel (ALAS-2020-1495)
The version of kernel installed on the remote host is prior to 4.14.198-152.320. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1495 advisory. In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and...
iLO 4 < 2.60 / iLO 5 < 1.30 Multiple Vulnerabilities
According to its version number, the remote HP Integrated Lights-Out (iLO) server is affected by multiple vulnerabilities: - A remote command execution vulnerability exists in HP Integrated Lights-Out (iLO) server due to an unspecified reason. An unauthenticated, remote attacker can exploit this to...
Security Updates for Windows Server 2008 (August 2018) (Foreshadow)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - Errors exist related to microprocessors utilizing speculative execution and L1 data cache that could allow information disclosure. CVE-2018-3615, CVE-2018-3620, CVE-2018-3646 - A remote...
SMB Use Host SID to Enumerate Local Users
Using the host security identifier (SID), Nessus was able to enumerate local users on the remote Windows system.
SUSE SLES15 Security Update : kernel (Live Patch 28 for SLE 15) (SUSE-SU-2022:3360-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3360-1 advisory. This update for the Linux Kernel 4.12.14-15086 fixes several issues. The following security issues were fixed: - CVE-2022-39188: Fixed a race...
DynaZip < 5.0.0.8 / 6.0.0.5 Zip Archive Handling Multiple Overflows
The version of the DynaZip Max or DynaZip Max Secure installed on the remote host contains a DLL that reportedly is prone to stack-based overflows when repairing or updating a specially crafted ZIP file. Successful exploitation allows an attacker to execute arbitrary code on the affected host...
EulerOS Virtualization 2.9.0 : edk2 (EulerOS-SA-2021-1668)
According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - EFI Development Kit II AARCH64 UEFI Firmware. Security Fixes: AuthenticodeVerify calls OpenSSL's d2i_PKCS7 API to parse asn encoded signe...
OpenSSL 1.1.0 < 1.1.0g Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 1.1.0g. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.0g advisory. - There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No E...
McAfee ePolicy Orchestrator Agent Remote Log Detection
McAfee ePolicy Orchestrator (ePO) Agent is running on the remote host, and its logs are viewable by unauthenticated, remote users. This is not the default behavior.
Debian DLA-263-1 : ruby1.9.1 security update
Two vulnerabilities were identified in the Ruby language interpreter, version 1.9.1. CVE-2012-5371 Jean-Philippe Aumasson identified that Ruby computed hash values without properly restricting the ability to trigger hash collisions predictably, allowing context-dependent attackers to cause a deni...
Fedora 11 : kernel-2.6.30.9-102.fc11 (2009-12786)
CVE-2009-1298 null ptr deref in ipv4 ip_frag_reasm. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Oracle Global Lifecycle Management (OPatch) (Jan 2023 CPU)
The installation of Oracle Global Lifecycle Management (OPatch) installed on the remote host is affected by multiple vulnerabilities as referenced in the January 2023 CPU advisory. - Vulnerability in the Oracle Global Lifecycle Management NextGen OUI Framework product of Oracle Fusion Middleware...
SUSE SLES12: kernel-livepatch-4_12_14-150000_150_89-default / etc (SUSE-SU-2022:2750-1)
The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2750-1 advisory. This update for the Linux Kernel 4.12.14-122116 fixes several issues. The following security issues were fixed: - CVE-2022-1419: Fixed...
Amazon Linux 2 : kernel, --advisory ALAS2-2021-1696 (ALAS-2021-1696)
The version of kernel installed on the remote host is prior to 4.14.241-184.433. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1696 advisory. A flaw was found in the Linux kernel, where a BPF program can obtain sensitive information from kernel memory via ...
AD Starter Scan - Kerberoasting
Binary data adsikerberoasting.nbin...
PHP 7.2.x < 7.2.14 Multiple vulnerabilities.
According to its banner, the version of PHP running on the remote web server is 7.2.x prior to 7.2.14. It is, therefore, affected by multiple vulnerabilities: - An integer underflow condition exists in gdContributionsAlloc function in gd_interpolation.c. An unauthenticated, remote attacker can hav...
Cisco IOS XE Software Smart Install Remote Code Execution Vulnerability
According to its self-reported version, the IOS XE is affected by one or more vulnerabilities. Please see the included Cisco BIDs and the Cisco Security Advisory for more information.
RHEL 7 : kernel (RHSA-2018:0151)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0151 advisory. - kernel: local privesc in key management CVE-2015-8539 - hw: cpu: speculative execution bounds-check bypass CVE-2017-5753 - kernel:...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3565)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-3565 advisory. - nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce Fields Orabug: 25986971 CVE-2017-7895 Tenable has extracted the preceding description block...
OpenSSL 1.0.2 < 1.0.2zc-dev Vulnerability
The version of OpenSSL installed on the remote host is prior to 1.0.2zc-dev. It is, therefore, affected by a vulnerability as referenced in the 1.0.2zc-dev advisory. - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of...
Apache Log4j 1.2 JMSAppender Remote Code Execution (CVE-2021-4104)
The version of Apache Log4j on the remote host is 1.2. It is, therefore, affected by a remote code execution vulnerability when specifically configured to use JMSAppender. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version numbe...
Sysinternals PsExec Elevation of Privilege (CVE-2021-1733)
An elevation of privilege vulnerability exists in Sysinternals PsExec due to the application not properly imposing security restrictions in PsExec, which leads to a security restrictions bypass and privilege escalation. It is possible for a local attacker who is authenticated as a non-admin user ...
Ubuntu 18.04 LTS : Linux kernel (AWS) vulnerabilities (USN-3833-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3833-1 advisory. Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could...
phpMyAdmin < 4.8.3 Vulnerability (PMASA-2018-5)
According to its self-reported version number, the phpMyAdmin application hosted on the remote web server is prior to 4.8.3. It is, therefore, affected by a cross-site scripting vulnerability. Note that Nessus has not attempted to exploit these issues but has instead relied only on the...
KB4019472: Windows 10 Version 1607 and Windows Server 2016 May 2017 Cumulative Update
The remote Windows host is missing security update KB4019472. It is, therefore, affected by multiple vulnerabilities : - A security bypass vulnerability exists in Internet Explorer due to an unspecified flaw. An unauthenticated, remote attacker can exploit this, by convincing a user to visit a...
RHEL 6 : JBoss Core Services (RHSA-2017:0193)
Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.23 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...
Oracle Linux 4 : bash (ELSA-2014-3078)
Description of changes: 3.0-27.0.2 - Preliminary fix for CVE-2014-7169. The descriptive text and package checks in this plugin were extracted from Oracle Linux Security Advisory ELSA-2014-3078.
HPE OneView Authentication Bypass (CVE-2023-30908)
Binary data hpeoneviewcve-2023-30908.nbin...
Trellix Agent < 5.7.9 Multiple Vulnerabilities (SB10396)
The version of Trellix Agent, formerly McAfee Agent or McAfee Policy Orchestrator (ePO) Agent, installed on the remote host is prior to 5.7.9. It is, therefore, affected by multiple vulnerabilities: - A vulnerability exists in TA for Windows 5.7.8 and earlier, which allows local users, during...
Oracle Linux 8 : olcne (ELSA-2022-9494)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9494 advisory. 1.4.5-1 - Address qemu CVE-2022-26353, CVE-2021-3748 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Solaris 10 (sparc) : 153074-01
SunOS 5.10: libpam.so patch. Date this patch was last updated by Sun : Oct/19/20. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates.
Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3762-2)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3762-2 advisory. USN-3762-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...
Nessus Launched Plugin List
This plugin displays the list of launched plugins in a semicolon delimited list.
Virtuozzo 7 : readykernel-patch (VZA-2018-045)
According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - By mmaping a FUSE-backed file onto a process's memory containing command line arguments or environment strings, an...
Apache Tomcat 7.0.x < 7.0.60 Multiple Vulnerabilities (FREAK)
According to its self-reported version number, the Apache Tomcat service listening on the remote host is 7.0.x prior to 7.0.60. It is, therefore, affected by the following vulnerabilities : - A NULL pointer dereference flaw exists when the SSLv3 option isn't enabled and an SSLv3 ClientHello is...
SuSE 11.3 Security Update : pure-ftpd (SAT Patch Number 10004)
pure-ftpd was updated to fix one security issue and two non-security bugs : - SSLv2 and SSLv3 have been disabled to avoid the attack named POODLE. CVE-2014-3566, bnc902229 - Added the disableascii option. bnc828469 - Fixed wait on TLS handshake. bnc856424
SAP Host Control SOAP Web Service 'Database/Name' Command Execution (SAP Note 1341333)
The version of SAP Host Control, offered by 'sapstartsrv.exe', fails to sanitize user input to the 'Database/Name' parameter when calling the 'GetDatabaseStatus' SOAP method. A remote, unauthenticated attacker may use this to run commands that, by default, run as SYSTEM. Note that while this...