Drupal RCE Vulnerability (SA-CORE-2019-003) - Linux

Some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

OpenSSL: Timing vulnerability in DSA signature generation (CVE-2018-0734) - Windows

OpenSSL is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apache Struts Security Update (S2-016, S2-017) - Active Check

Apache Struts is prone to multiple vulnerabilities. Copyright C 2013 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Jigsaw webserver MS/DOS device DoS

It was possible to crash the Jigsaw web server by requesting /servlet/con about 30 times. A cracker may use this attack to make this service crash continuously. OpenVAS Vulnerability Test $Id: jigsawmsdosdevDoS.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Jigsaw webserver MS/DOS device Do...

Fuji Xerox / Fujifilm Printer Detection (SNMP)

SNMP based detection of Fuji Xerox / Fujifilm printer devices. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

Grafana 3.0.1 < 6.7.4, 7.0 < 7.0.2 SSRF Vulnerability

Grafana is prone to a server-side request forgery SSRF vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

rConfig <= 3.9.4 Multiple SQL Injection Vulnerabilities

rConfig is prone to multiple SQL injection vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Windows Defender Firewall: Domain Profile: Allow unicast response

The policy determines whether unicast responses to multicast or broadcast messages for a domain connection will be blocked. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of...

Gitea < 1.8.0 2FA Bypass Vulnerability

Gitea is prone to a two factor authentication bypass vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitea:gitea";...

Apache Tomcat 'Hostname Verification' Security Bypass Vulnerability - Windows

Apache Tomcat is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:tomcat";...

Microsoft Windows Multiple Vulnerabilities (KB4074598)

This host is missing a critical security update according to Microsoft KB4074598 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apache HTTP Server 'Whitespace Defects' Multiple Vulnerabilities

Apache HTTP Server is prone to multiple vulnerabilities. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

Microsoft Windows Server 2012 Multiple Vulnerabilities (KB4022718)

This host is missing a critical security update according to Microsoft KB4022718 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OSSEC Web UI 'searchid' Parameter Cross Site Scripting Vulnerability

OSSEC Web UI is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Microsoft Windows IIS FTP Service Information Disclosure Vulnerability (2761226)

This host is missing a moderate security update according to Microsoft Bulletin MS12-073. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Internet Information Services (IIS) FTP Service Remote Code Execution Vulnerability (2489256)

This host is missing a critical security update according to Microsoft Bulletin MS11-004. OpenVAS Vulnerability Test $Id: secpodms11-004.nasl 7582 2017-10-26 11:56:51Z cfischer $ Internet Information Services IIS FTP Service Remote Code Execution Vulnerability 2489256 Authors: Sooraj KS Copyright...

Nmap NSE: Banner Grabber

This script attempts to connect to the target port and returns the banner of the remote service. This is a wrapper on the Nmap Security Scanner's http://nmap.org banner.nse OpenVAS Vulnerability Test $Id: gbnmapbannergrabber.nasl 8233 2017-12-22 09:37:31Z cfischer $ Wrapper for Nmap Banner Grabbe...

Conficker Detection

This host seems to be contaminated with infectious Conficker Worm. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PowerDNS Recursor 4.1.0 < 4.1.16, 4.2.0 < 4.2.2, 4.3.0 Multiple Vulnerabilities

PowerDNS Recursor is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:powerdns:recursor";...

Microsoft Windows Multiple Vulnerabilities (KB4537820)

This host is missing a critical security update according to Microsoft KB4537820 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1051)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft .NET Framework Multiple RCE Vulnerabilities (KB4535104)

This host is missing a critical security update according to Microsoft KB4535104 Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

Debian: Security Advisory (DSA-4509-3)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MantisBT < 2.13.2 Information Disclosure Vulnerability - Linux

MantisBT is prone to an information disclosure vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

Debian: Security Advisory (DLA-1832-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4503286)

This host is missing a critical security update according to Microsoft KB4503286 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

OpenSSH < 7.4 Multiple Vulnerabilities (Jan 2017) - Windows

OpenSSH is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openbsd:openssh"; ifdescription...

Observium Multiple Vulnerabilities

Observium is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:observium:networkmonitor"; if...

Lighttpd < 1.4.35 Multiple Vulnerabilities - Active Check

Lighttpd is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:lighttpd:lighttpd"; ifdescription...

QNAP QTS OS Command Injection Vulnerability (QSA-24-26)

QNAP QTS is prone to an OS command injection vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts";...

Pi-hole Web Interface < 4.3.3 RCE Vulnerability

The Pi-hole Web Interface previously AdminLTE is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Microsoft Windows Multiple Vulnerabilities (KB4512517)

This host is missing a critical security update according to Microsoft KB4512517 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

Debian: Security Advisory (DLA-1816-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

D-Link DWR Devices Detection (HTTP)

HTTP based detection of D-Link DWR Router devices. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ZYCOO IP Phone System RCE Vulnerability

ZYCOO IP Phone System is prone to a remote command execution RCE vulnerability SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

OpenSSH <= 7.2p2 Privilege Escalation Vulnerability (May 2016)

OpenSSH is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openbsd:openssh";...

Adobe Experience Manager (AEM) Multiple Vulnerabilities (APSB16-05) - Active Check

Adobe Experience Manager AEM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Windows Kernel-Mode Driver Privilege Escalation and RCE Vulnerabilities (3000061)

This host is missing a critical security update according to Microsoft Bulletin MS14-058. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Apache Tomcat RCE Vulnerability (May 2020) - Windows

Apache Tomcat is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Debian: Security Advisory (DLA-1807-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Xerox AltaLink Printers Multiple Vulnerabilities

Xerox AltaLink Printers are prone to multiple vulnerabilities. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

Microsoft Windows 10: Increase scheduling priority

This policy setting determines which user accounts can increase the base priority class of a process. It is not a privileged operation to increase relative priority within a priority class. This user right is not required by administrative tools that are supplied with the operating system, but it...

CentOS Update for kernel CESA-2018:0395 centos7

Check the version of kernel SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882849";...

PHPMailer < 5.2.18 Remote Code Execution Vulnerability.

PHPMailer is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

w3af (NASL wrapper)

This plugin uses w3af w3afconsole to be exact to find web security issues. See the preferences section for w3af options. Note that OpenVAS is using limited set of w3af options. Therefore, for more complete web assessment, you should use standalone w3af tool for deeper/customized checks. OpenVAS...

Weak Key Exchange (KEX) Algorithm(s) Supported (SSH)

The remote SSH server is configured to allow / support weak key exchange KEX algorithms. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Windows Multiple Vulnerabilities (KB4489882)

This host is missing a critical security update according to Microsoft KB4489882 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

Microsoft .NET Framework Multiple Vulnerabilities (KB4483450)

This host is missing an important security update according to Microsoft KB4483450 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Swarmpit UI Detection

Detection of Swarmpit Web UI. The script sends a connection request to the server and attempts to detect Swarmpit UI and to extract its version if possible. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Microsoft Office 2016 Remote Code Execution Vulnerability (KB3213551)

This host is missing an important security update according to Microsoft KB3213551 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...