339830 matches found
Scientific Linux Security Update : seamonkey on SL4.x i386/x86_64
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. CVE-2010-3176, CVE-2010-3180 A flaw was found in the way the Gophe...
HP Power Manager < 4.2.10
The installed version of HP Power Manager is less than 4.2.10, and as such has the following vulnerabilities : - Adequate bounds checking is not performed on the 'Login' parameter of the login page, which could lead to a buffer overflow. A remote, unauthenticated attacker could exploit this to...
GLSA-200609-16 : Tikiwiki: Arbitrary command execution
The remote host is affected by the vulnerability described in GLSA-200609-16 Tikiwiki: Arbitrary command execution A vulnerability in jhot.php allows for an unrestricted file upload to the img/wiki/ directory. Additionally, an XSS exists in the highlight parameter of tiki-searchindex.php. Impact ...
CentOS 8 : container-tools:rhel8 (CESA-2022:1762)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:1762 advisory. - psgo: Privilege escalation in 'podman top' CVE-2022-1227 - prometheus/clientgolang: Denial of service using InstrumentHandlerCounter CVE-2022-21698 -...
CentOS 8 : mariadb:10.5 (CESA-2022:1557)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:1557 advisory. - mysql: Server: DML unspecified vulnerability CPU Apr 2021 CVE-2021-2154, CVE-2021-2166 - mysql: InnoDB unspecified vulnerability CPU Jul 2021...
PHP 7.4.x < 7.4.24 Arbitrary File Write
The version of PHP installed on the remote host is 7.4.x prior to 7.4.25. It is, therefore, affected by a vulnerability as referenced in the version 7.4.24 advisory. In the Microsoft Windows environment, ZipArchive::extractTo may be tricked into writing a file outside target directory when...
SUSE SLES12 Security Update : spectre-meltdown-checker (SUSE-SU-2021:2862-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2021:2862-1 advisory. spectre-meltdown-checker was updated to version 0.44 bsc1189477 - feat: add support for SRBDS related vulnerabilities - feat: add zstd kerne...
Oracle Linux 8 : firefox (ELSA-2021-3157)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-3157 advisory. 78.13.0-2.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 78.13.0-2 - Update to 78.13...
Debian DSA-4933-1 : nettle - security update
Multiple vulnerabilities were discovered in nettle, a low level cryptographic library, which could result in denial of service remote crash in RSA decryption via specially crafted ciphertext, crash on ECDSA signature verification or incorrect verification of ECDSA signatures. %NASLMINLEVEL 70300 ...
KB4556843: Windows 7 and Windows Server 2008 R2 May 2020 Security Update
The remote Windows host is missing security update 4556843 or cumulative update 4556836. It is, therefore, affected by multiple vulnerabilities : - A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests. An attacker who successfully exploited thi...
KB4550971: Windows Server 2012 April 2020 Security Update
The remote Windows host is missing security update 4550971 or cumulative update 4550917. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when a Windows scheduled task improperly handles file redirections. An attacker who successfully...
NewStart CGSL CORE 5.05 / MAIN 5.05 : python-requests Vulnerability (NS-SA-2019-0230)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python-requests packages installed that are affected by a vulnerability: - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirec...
NewStart CGSL MAIN 4.06 : openssl Vulnerability (NS-SA-2019-0176)
The remote NewStart CGSL host, running version MAIN 4.06, has openssl packages installed that are affected by a vulnerability: - If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond...
Wind River VxWorks Multiple Vulnerabilities (URGENT/11)
According to its self-reported version, the remote device is potentially affected by multiple Wind River VxWorks remote code execution and denial-of-service vulnerabilities in the IPnet TCP/IP stack. An unauthenticated, remote, attacker could leverage these vulnerabilities to gain full access to...
OpenSSL 1.1.1 < 1.1.1c Vulnerability
The version of OpenSSL installed on the remote host is prior to 1.1.1c. It is, therefore, affected by a vulnerability as referenced in the 1.1.1c advisory. - ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce...
KB4093110: Security update for Adobe Flash Player (April 2018)
The remote Windows host is missing security update KB4093110. It is, therefore, affected by multiple remote code execution vulnerabilities in Adobe Flash Player. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid108962; scriptversion"1.8";...
RHEL 6 : rhev-hypervisor6 (RHSA-2014:1354) (Shellshock)
An updated rhev-hypervisor6 package that fixes several security issues is now available. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for each...
Terminal Services Encryption Level is Medium or Low
Binary data rdpweakcrypto.nbin...
MySQL 5.0 < 5.0.95 Multiple Vulnerabilities
The version of MySQL 5.0 installed on the remote host is earlier than 5.0.95. Such versions are affected by multiple vulnerabilities. Details are not public yet. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid57604; scriptversion"1.10"; scriptcvsdate"Date: 2018/11/15...
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1324-1)
Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. CVE-2011-2203 A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. CVE-2011-4110. Note that...
openSUSE Security Update : java-1_6_0-openjdk (java-1_6_0-openjdk-1613)
New icedtea update to fix : - ICCProfile file existence detection information leak; CVE-2009-3728: CVSS v2 Base Score: 5.0 - BMP parsing DoS with UNC ICC links; CVE-2009-3885: CVSS v2 Base Score: 5.0 - resurrected classloaders can still have children; CVE-2009-3881: CVSS v2 Base Score: 7.5 -...
SuSE 11 Security Update : Sun Java 1.6.0 (SAT Patch Number 1542)
The Sun Java 6 SDK/JRE was updated to u17 update fixing bugs and various security issues : - The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers to execute...
CentOS 9 : openssh-8.7p1-38.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the openssh-8.7p1-38.el9 build changelog. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
KB5036909: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (April 2024)
The remote Windows host is missing security update 5036909. It is, therefore, affected by multiple vulnerabilities - SmartScreen Prompt Security Feature Bypass Vulnerability CVE-2024-29988 - Secure Boot Security Feature Bypass Vulnerability CVE-2024-20669, CVE-2024-26168, CVE-2024-26171,...
Security Updates for Microsoft SQL Server (February 2023)
The Microsoft SQL Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2023-21528,...
Oracle JDeveloper Multiple Vulnerabilities (April 2022 CPU)
The version of Oracle JDeveloper installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2022 CPU advisory: - Vulnerability in the Oracle JDeveloper product of Oracle Fusion Middleware component: Oracle JDeveloper...
RHEL 8 : kernel-rt (RHSA-2021:3445)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3445 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
EulerOS 2.0 SP2 : curl (EulerOS-SA-2020-1626)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and...
AIX 7.1 TL 5 : tcpdump (IJ20783)
https://vulners.com/cve/CVE-2018-14467 https://vulners.com/cve/CVE-2018-14467 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpcapabilitiesprint BGPCAPCODEMP. The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrpprint. The LMP parser in...
openSUSE Security Update : go1.12 (openSUSE-2019-2130) (Ping Flood) (Reset Flood)
This update for go1.12 fixes the following issues : Security issues fixed : - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth bsc1146111. - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial o...
EulerOS Virtualization 3.0.1.0 : ntp (EulerOS-SA-2019-1557)
According to the versions of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was found that ntpd did not check whether a Message Authentication Code MAC was present in a received packet when ntpd was...
Slackware 14.2 : Slackware 14.2 kernel (SSA:2018-264-01)
New kernel packages are available for Slackware 14.2 to fix a security issue. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2018-264-01. The text itself is copyright C Slackware Linux, Inc...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-3740-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3740-1 advisory. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core...
Fedora 27 : libtomcrypt (2018-39e0872379)
Fix Side Channel Based ECDSA Key Extraction CVE-2018-12437 PR 408 - Fix potential stack overflow when DER flexi-decoding CVE-2018-0739 PR 373 - Fix two-key 3DES PR 390 - Fix accelerated CTR mode PR 359 - Fix Fortuna PRNG PR 363 - Fix compilation on platforms where cc doesn't point to gcc PR 382 -...
Cisco CUCM Voice Operating System-Based Products Unauthorized Access Vulnerability
According to its self-reported version, the Cisco Unified Communications Manager is affected by one or more vulnerabilities. Please see the included Cisco BIDs and the Cisco Security Advisory for more information. TRUSTED...
SSL Certificate Contains Weak RSA Key (Infineon TPM / ROCA)
At least one of the X.509 certificates sent by the remote host has an RSA key that appears to be generated improperly, most likely by a TPM Trusted Platform Module produced by Infineon Technologies. A third party may be able to recover the private key from the certificate's public key. This may...
Default Password 'juantech' for 'root' Account
The account 'root' on the remote host has the default password 'juantech'. A remote attacker can exploit this issue to gain administrative access to the affected system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "root"; password = "juantech"; include'deprecatednasllevel.inc';...
MySQL 5.7.x < 5.7.15 Multiple Vulnerabilities
The version of MySQL running on the remote host is 5.7.x prior to 5.7.15. It is, therefore, affected by multiple vulnerabilities : - Multiple unspecified flaws exist in the Optimizer subcomponent that allow an authenticated, remote attacker to cause a denial of service condition. CVE-2016-3492,...
RHEL 6 : rhev-hypervisor6 (RHSA-2015:0126)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2015:0126 advisory. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization...
SIP Script Remote Command Execution via Shellshock
The remote host appears to be running SIP. SIP itself is not vulnerable to Shellshock; however, any Bash script that SIP runs for filtering or other routing tasks could potentially be affected if the script exports an environmental variable from the content or headers of a SIP message. A negative...
PHP PHP_RSHUTDOWN_FUNCTION Security Bypass
According to its banner, the version of PHP 5.x installed on the remote host is 5.x prior to 5.3.11 or 5.4.x prior to 5.4.1 and thus, is potentially affected by a security bypass vulnerability. An error exists related to the function 'PHPRSHUTDOWNFUNCTION' in the libxml extension and the...
SMB QuickFixEngineering (QFE) Enumeration
By connecting to the host with the supplied credentials, this plugin enumerates quick-fix engineering updates installed on the remote host via the registry. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid62042; scriptversion"1.8";...
Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64
A flaw was found in the way SeaMonkey creates temporary file names for downloaded files. If a local attacker knows the name of a file SeaMonkey is going to download, they can replace the contents of that file with arbitrary contents. CVE-2009-3274 A heap-based buffer overflow flaw was found in th...
Microsoft IIS /iisadmin Unrestricted Access
When Microsoft Internet Information Server IIS 4.0 is upgraded from version 2.0 or 3.0 the ism.dll file is left in the /scripts/iisadmin directory. This script discloses sensitive information via a specially crafted URL which could lead to elevated privileges. An attacker could use this to gain...
Oracle WebLogic Server (July 2023 CPU)
The version of Oracle WebLogic Server installed on the remote host is missing a security patch from the July 2023 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities, including: - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware...
Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5621-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5621-1 advisory. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an...
EulerOS 2.0 SP5 : log4j (EulerOS-SA-2022-1276)
According to the versions of the log4j package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The...
Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5120-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5120-1 advisory. It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to...
openSUSE Security Update : the Linux Kernel (openSUSE-2020-1901)
The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2020-25668: Fixed concurrency use-after-free in confontop bnc1178123. - CVE-2020-25656: Fixed race condition in kbd code bnc1177766. - CVE-2020-25285: A race conditio...
EulerOS Virtualization for ARM 64 3.0.2.0 : python (EulerOS-SA-2020-1516)
According to the versions of the python packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Python Software Foundation Python CPython version 2.7 contains a CWE-77: Improper Neutralization of Special Elements...