An unsupported version of .NET Core SDK is installed on the remote host.

According to its version, the .NET Core SDK installed on the remote host is no longer maintained by its vendor or provider.

Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.

Upgrade to a version of .NET Core SDK that is currently supported.

Critical

10.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published: 2023/03/07, Modified: 2023/03/07

Path : C:\\program files\dotnet\\sdk\1.1.0
Installed version : 1.1.0
Security End of Life : June 26, 2019
Time since Security End of Life (Est.) : >= 6 years

Path : C:\\program files\dotnet\\sdk\7.0.400
Installed version : 7.0.400
Security End of Life : May 13, 2024
Time since Security End of Life (Est.) : >= 1 year

An unsupported version of ASP.NET Core is installed on the remote host.

According to its version, the ASP.NET Core installed on the remote host is no longer maintained by its vendor or provider.

Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.

Upgrade to a version of ASP.NET Core that is currently supported.

Critical

10.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published: 2023/03/07, Modified: 2023/03/07

Path : C:\Program Files (x86)\dotnet\shared\Microsoft.AspNetCore.App\6.0.25
Installed version : 6.0.25
Security End of Life : November 12, 2024
Time since Security End of Life (Est.) : >= 1 year

Path : C:\Program Files (x86)\dotnet\shared\Microsoft.AspNetCore.App\7.0.10
Installed version : 7.0.10
Security End of Life : May 13, 2024
Time since Security End of Life (Est.) : >= 1 year

Path : C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App\6.0.25
Installed version : 6.0.25
Security End of Life : November 12, 2024
Time since Security End of Life (Est.) : >= 1 year

Path : C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App\7.0.10
Installed version : 7.0.10
Security End of Life : May 13, 2024
Time since Security End of Life (Est.) : >= 1 year

A logging library running on the remote host has multiple vulnerabilities.

According to its self-reported version number, the installation of Apache Log4j on the remote host is 1.x and is no longer supported. Log4j reached its end of life prior to 2016. Additionally, Log4j 1.x is affected by multiple vulnerabilities, including :

- Log4j includes a SocketServer that accepts serialized log events and deserializes them without verifying whether the objects are allowed or not. This can provide an attack vector that can be exploited. (CVE-2019-17571)

- Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. (CVE-2020-9488)

- JMSSink uses JNDI in an unprotected manner allowing any application using the JMSSink to be vulnerable if it is configured to reference an untrusted site or if the site referenced can be accesseed by the attacker.
(CVE-2022-23302)

Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities.

Upgrade to a version of Apache Log4j that is currently supported.

Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.

High

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

9.1 (CVSS:3.0/E:F/RL:O/RC:C)

6.7

0.4904

9.0 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)

7.4 (CVSS2#E:F/RL:OF/RC:C)

I

Published: 2022/01/19, Modified: 2024/06/13

Path : C:\Program Files (x86)\Microsoft SQL Server\150\DTS\Extensions\Common\Jars\log4j-1.2.17.jar
Installed version : 1.2.17

Path : C:\Program Files\Microsoft SQL Server\150\DTS\Extensions\Common\Jars\log4j-1.2.17.jar
Installed version : 1.2.17

An unsupported version of Apache Log4j is installed on the remote host.

According to its version, Apache Log4j is less than or equal to 1.x. It is, therefore, no longer maintained by its vendor or provider.

Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.

Upgrade to a version of Apache Log4j that is currently supported.

Critical

10.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published: 2023/09/29, Modified: 2023/11/02

Path : C:\Program Files (x86)\Microsoft SQL Server\150\DTS\Extensions\Common\Jars\log4j-1.2.17.jar
Installed version : 1.2.17
Security End of Life : August 4, 2015
Time since Security End of Life (Est.) : >= 10 years

Path : C:\Program Files\Microsoft SQL Server\150\DTS\Extensions\Common\Jars\log4j-1.2.17.jar
Installed version : 1.2.17
Security End of Life : August 4, 2015
Time since Security End of Life (Est.) : >= 10 years

The remote Windows host is affected by multiple vulnerabilities.

The remote Windows host is missing security update 5031361. It is, therefore, affected by multiple vulnerabilities

- The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. (CVE-2023-44487)
- Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36577)

- Windows IIS Server Elevation of Privilege Vulnerability (CVE-2023-36434)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Apply Security Update 5031361

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

9.4 (CVSS:3.0/E:H/RL:O/RC:C)

8.4

0.9443

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

8.7 (CVSS2#E:H/RL:OF/RC:C)

I

Core Impact (true)

Published: 2023/10/10, Modified: 2024/06/17

The remote host is missing one of the following rollup KBs :
- 5031361

- C:\Windows\system32\ntoskrnl.exe has not been patched.
Remote version : 10.0.17763.4737
Should be : 10.0.17763.4974

The remote Windows host is affected by multiple vulnerabilities.

The remote Windows host is missing security update 5032196. It is, therefore, affected by multiple vulnerabilities

- Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36402)

- Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability (CVE-2023-36397)

- Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability (CVE-2023-36028)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Apply Security Update 5032196

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

9.4 (CVSS:3.0/E:H/RL:O/RC:C)

9.5

0.9021

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

8.7 (CVSS2#E:H/RL:OF/RC:C)

I

Core Impact (true)

Published: 2023/11/14, Modified: 2024/06/17

The remote host is missing one of the following rollup KBs :
- 5032196

- C:\Windows\system32\ntoskrnl.exe has not been patched.
Remote version : 10.0.17763.4737
Should be : 10.0.17763.5122

The remote Windows host is affected by multiple vulnerabilities.

The remote Windows host is missing security update 5040430. It is, therefore, affected by multiple vulnerabilities

- RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen- prefix collision attack against MD5 Response Authenticator signature. (CVE-2024-3596)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Apply Security Update 5040430

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

9.4 (CVSS:3.0/E:H/RL:O/RC:C)

9.5

0.9286

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

8.7 (CVSS2#E:H/RL:OF/RC:C)

I

Core Impact (true)

Published: 2024/07/09, Modified: 2025/10/06

The remote host is missing one of the following rollup KBs :
- 5040430

- C:\Windows\system32\ntoskrnl.exe has not been patched.
Remote version : 10.0.17763.4737
Should be : 10.0.17763.6054

The remote Windows host is affected by multiple vulnerabilities.

The remote Windows host is missing security update 5041578. It is, therefore, affected by multiple vulnerabilities

- An elevation of privilege vulnerability exists in Windows based systems supporting Virtualization Based Security (VBS) including a subset of Azure Virtual Machine SKUS. This can allow an attacker with administrator privileges to replace current versions of Windows system files with outdated versions. By exploiting this vulnerability, an attacker could reintroduce previously mitigated vulnerabilities, circumvent some features of VBS, and exfiltrate data protected by VBS. (CVE-2024-21302)

- A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism. (CVE-2022-2601)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Apply Security Update 5041578

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

9.4 (CVSS:3.0/E:H/RL:O/RC:C)

9.6

0.9006

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

8.7 (CVSS2#E:H/RL:OF/RC:C)

I

Core Impact (true)

Published: 2024/08/13, Modified: 2025/10/06

The remote host is missing one of the following rollup KBs :
- 5041578

- C:\Windows\system32\ntoskrnl.exe has not been patched.
Remote version : 10.0.17763.4737
Should be : 10.0.17763.6189

The remote Windows host is affected by multiple vulnerabilities.

The remote Windows host is missing security update 5043050. It is, therefore, affected by multiple vulnerabilities

- Windows MSHTML Platform Spoofing Vulnerability (CVE-2024-43461)

- Windows Remote Desktop Licensing Service Spoofing Vulnerability (CVE-2024-43455)

- Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability (CVE-2024-38260, CVE-2024-38263, CVE-2024-43454, CVE-2024-43467)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Apply Security Update 5043050

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

9.1 (CVSS:3.0/E:F/RL:O/RC:C)

8.4

0.2639

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

8.3 (CVSS2#E:F/RL:OF/RC:C)

I

Core Impact (true)

Published: 2024/09/10, Modified: 2025/10/22

The remote host is missing one of the following rollup KBs :
- 5043050

- C:\Windows\system32\ntoskrnl.exe has not been patched.
Remote version : 10.0.17763.4737
Should be : 10.0.17763.6292

The remote Windows host is affected by multiple vulnerabilities.

The remote Windows host is missing security update 5044277. It is, therefore, affected by multiple vulnerabilities

- libcurl's ASN1 parser has this utf8asn1str() function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also invokes `free()` on a 4 byte localstack buffer. Most modern malloc implementations detect this error and immediately abort. Some however accept the input pointer and add that memory to its list of available chunks. This leads to the overwriting of nearby stack memory. The content of the overwrite is decided by the `free()` implementation; likely to be memory pointers and a set of flags. The most likely outcome of exploting this flaw is a crash, although it cannot be ruled out that more serious results can be had in special circumstances. (CVE-2024-6197)
- Remote Desktop Client Remote Code Execution Vulnerability (CVE-2024-43599)

- An unauthenticated attacker could send a specially crafted protocol message to a Routing and Remote Access Service (RRAS) server, which could lead to remote code execution (RCE) on the RAS server machine.
(CVE-2024-43607)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Apply Security Update 5044277

Critical

9.0 (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)

8.6 (CVSS:3.0/E:H/RL:O/RC:C)

9.6

0.5847

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

8.7 (CVSS2#E:H/RL:OF/RC:C)

I

Published: 2024/10/08, Modified: 2024/11/18

The remote host is missing one of the following rollup KBs :
- 5044277

- C:\Windows\system32\ntoskrnl.exe has not been patched.
Remote version : 10.0.17763.4737
Should be : 10.0.17763.6414

The remote Windows host is affected by multiple vulnerabilities.

The remote Windows host is missing security update 5046615. It is, therefore, affected by multiple vulnerabilities

- Windows Kerberos Remote Code Execution Vulnerability (CVE-2024-43639)

- Windows NT OS Kernel Elevation of Privilege Vulnerability (CVE-2024-43623)

- Windows Telephony Service Elevation of Privilege Vulnerability (CVE-2024-43626)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Apply Security Update 5046615

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

9.4 (CVSS:3.0/E:H/RL:O/RC:C)

10.0

0.9039

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

8.7 (CVSS2#E:H/RL:OF/RC:C)

I

Published: 2024/11/12, Modified: 2025/01/23

The remote host is missing one of the following rollup KBs :
- 5046615

- C:\Windows\system32\ntoskrnl.exe has not been patched.
Remote version : 10.0.17763.4737
Should be : 10.0.17763.6530

The remote Windows host is affected by multiple vulnerabilities.

The remote Windows host is missing security update 5063877. It is, therefore, affected by multiple vulnerabilities

- Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
(CVE-2025-53766)

- Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network. (CVE-2025-49751)

- Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. (CVE-2025-49743)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Apply Security Update 5063877

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

8.5 (CVSS:3.0/E:U/RL:O/RC:C)

7.4

0.017

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

7.4 (CVSS2#E:U/RL:OF/RC:C)

I

Published: 2025/08/12, Modified: 2025/10/29

The remote host is missing one of the following rollup KBs :
- 5063877

- C:\Windows\system32\ntoskrnl.exe has not been patched.
Remote version : 10.0.17763.4737
Should be : 10.0.17763.7671

The remote Windows host is affected by multiple vulnerabilities.

The remote Windows host is missing security update 5066586. It is, therefore, affected by multiple vulnerabilities

- tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka Predictor heap-buffer-overflow. (CVE-2016-9535)

- In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image. (CVE-2025-47827)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Apply Security Update 5066586

High

9.9 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)

9.2 (CVSS:3.0/E:F/RL:O/RC:C)

9.2

0.0824

7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

6.2 (CVSS2#E:F/RL:OF/RC:C)

I

Published: 2025/10/14, Modified: 2025/11/18

The remote host is missing one of the following rollup KBs :
- 5066586

- C:\Windows\system32\ntoskrnl.exe has not been patched.
Remote version : 10.0.17763.4737
Should be : 10.0.17763.7919

An unsupported version of Microsoft .NET Core is installed on the remote host.

According to its version, the Microsoft .NET Core installed on the remote host is no longer maintained by its vendor or provider.

Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.

Upgrade to a version of Microsoft .NET Core that is currently supported.

Critical

10.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published: 2023/03/07, Modified: 2023/03/07

Path : C:\Program Files (x86)\dotnet\shared\Microsoft.NETCore.App\6.0.25\
Installed version : 6.0.25
Security End of Life : November 12, 2024
Time since Security End of Life (Est.) : >= 1 year

Path : C:\Program Files (x86)\dotnet\shared\Microsoft.NetCore.App\7.0.10\
Installed version : 7.0.10.32713
Security End of Life : May 13, 2024
Time since Security End of Life (Est.) : >= 1 year

Path : C:\Program Files\dotnet\shared\Microsoft.NETCore.App\1.0.5\
Installed version : 1.0.5
Security End of Life : June 26, 2019
Time since Security End of Life (Est.) : >= 6 years

Path : C:\Program Files\dotnet\shared\Microsoft.NETCore.App\1.1.2\
Installed version : 1.1.2
Security End of Life : June 26, 2019
Time since Security End of Life (Est.) : >= 6 years

Path : C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.25\
Installed version : 6.0.25
Security End of Life : November 12, 2024
Time since Security End of Life (Est.) : >= 1 year

Path : C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.10\
Installed version : 7.0.10.32713
Security End of Life : May 13, 2024
Time since Security End of Life (Est.) : >= 1 year

The remote Windows host is affected by a security feature bypass vulnerability.

The version of ASP.NET Core installed on the remote Windows host is 8.0.x prior to 8.0.21, 9.0.x prior to 9.0.10, or 10.0.0-rc.1.25451.107. It is, therefore, affected by a security feature bypass vulnerability.
Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Update .NET Core to version 8.0.21, 9.0.10, 10.0.0-rc.2.25502.107 or later.

High

9.9 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L)

10.0

0.0004

8.7 (CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:P)

I

Published: 2025/10/17, Modified: 2025/10/17

Path : C:\Program Files (x86)\dotnet\shared\Microsoft.AspNetCore.App\8.0.0
Installed version : 8.0.0
Fixed version : 8.0.21

Path : C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App\8.0.0
Installed version : 8.0.0
Fixed version : 8.0.21

Path : C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App\8.0.7
Installed version : 8.0.7
Fixed version : 8.0.21

The remote host contains an unsupported version of Microsoft Office.

According to its version, the installation of Microsoft Office on the remote Windows host is no longer supported.
Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities.

Upgrade to a version of Microsoft Office that is currently supported.

Critical

10.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published: 2011/12/02, Modified: 2024/03/22

Installed product : Office 2010
End of support date : October 13, 2020
Supported versions : Office 2016, 2019, 2021 or Office 365

An unsupported version of a database server is running on the remote host.

According to its self-reported version number, the installation of Microsoft SQL Server on the remote host is no longer supported.

Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities.

Upgrade to a version of Microsoft SQL Server that is currently supported.

Critical

10.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published: 2013/02/21, Modified: 2025/10/30

The following unsupported installations of Microsoft SQL Server were
detected :

Installed version : 13.0.4001.0 Express Edition
Install path : C:\Program Files\Microsoft SQL Server\130\LocalDB\Binn\
Instance : MSSQL13E.LOCALDB
Minimum supported version : 13.0.6300.2 (2016 SP3)

Node.js - JavaScript run-time environment is affected by multiple vulnerabilities.

The version of Node.js installed on the remote host is prior to 16.20.2, 18.17.1, 20.5.1. It is, therefore, affected by multiple vulnerabilities as referenced in the Wednesday August 09 2023 Security Releases advisory:

- Permissions policies can be bypassed via Module._load (CVE-2023-32002)

- Permission model bypass by specifying a path traversal sequence in a Buffer (CVE-2023-32004)

- process.binding() can bypass the permission model through path traversal (CVE-2023-32558)

- Permissions policies can impersonate other modules in using module.constructor.createRequire() (CVE-2023-32006)

- Permissions policies can be bypassed via process.binding (CVE-2023-32559)

- fs.statfs can retrive stats from files restricted by the Permission Model (CVE-2023-32005)

- fs.mkdtemp() and fs.mkdtempSync() are missing getValidatedPath() checks (CVE-2023-32003)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Upgrade to Node.js version 16.20.22 / 18.17.1 / 20.5.1 or later.

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

8.8 (CVSS:3.0/E:P/RL:O/RC:C)

6.7

0.0103

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

7.8 (CVSS2#E:POC/RL:OF/RC:C)

I

Published: 2023/08/11, Modified: 2024/01/09

Path : C:\Program Files (x86)\nodejs\
Installed version : 18.16.1
Fixed version : 18.17.1

Node.js - JavaScript run-time environment is affected by multiple vulnerabilities.

The version of Node.js installed on the remote host is prior to 18.18.2, 20.8.1. It is, therefore, affected by multiple vulnerabilities as referenced in the Friday October 13 2023 Security Releases advisory.

- Undici did not always clear Cookie headers on cross-origin redirects. By design, cookie headers are forbidden request headers, disallowing them to be set in RequestInit.headers in browser environments.
Since undici handles headers more liberally than the spec, there was a disconnect from the assumptions the spec made, and undici's implementation of fetch. As such this may lead to accidental leakage of cookie to a 3rd-party site or a malicious attacker who can control the redirection target (ie. an open redirector) to leak the cookie to the 3rd party site. More details area available in GHSA-wqq4-5wpv-mx2g (CVE-2023-45143)

- Rapidly creating and cancelling streams (HEADERS frame immediately followed by RST_STREAM) without bound causes denial of service. See https://www.cve.org/CVERecord?id=CVE-2023-44487 for details. Impacts:
(CVE-2023-44487)

- A previously disclosed vulnerability (CVE-2023-30584) was patched insufficiently. The new path traversal vulnerability arises because the implementation does not protect itself against the application overwriting built-in utility functions with user-defined implementations. Impacts: Please note that at the time this CVE is issued, the permission model is an experimental feature of Node.js. Thanks to Tobias Nieen who reported and created the security patch. (CVE-2023-39331)

- Various node:fs functions allow specifying paths as either strings or Uint8Array objects. In Node.js environments, the Buffer class extends the Uint8Array class. Node.js prevents path traversal through strings (see CVE-2023-30584) and Buffer objects (see CVE-2023-32004), but not through non-Buffer Uint8Array objects. This is distinct from CVE-2023-32004 (report 2038134), which only referred to Buffer objects. However, the vulnerability follows the same pattern using Uint8Array instead of Buffer. Impacts:
Please note that at the time this CVE is issued, the permission model is an experimental feature of Node.js. Thanks to Tobias Nieen who reported and created the security patch. (CVE-2023-39332)

- When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged checksum to node's policy implementation, thus effectively disabling the integrity check. Impacts: Please note that at the time this CVE is issued, the policy mechanism is an experimental feature of Node.js. Thanks to Tobias Nieen who reported and created the security patch. (CVE-2023-38552)

- Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not have access to, similar to as if the WebAssembly module was a JavaScript module. Impacts: Thanks to dittyroma for reporting the issue and to Tobias Nieen for fixing it. (CVE-2023-39333)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Upgrade to Node.js version 18.18.2 / 20.8.1 or later.

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

9.1 (CVSS:3.0/E:F/RL:O/RC:C)

6.9

0.9443

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

8.3 (CVSS2#E:F/RL:OF/RC:C)

I

Published: 2023/10/19, Modified: 2024/02/23

Path : C:\Program Files (x86)\nodejs\
Installed version : 18.16.1
Fixed version : 18.18.2

Node.js - JavaScript run-time environment is affected by multiple vulnerabilities.

The version of Node.js installed on the remote host is prior to 18.19.1, 20.11.1, 21.6.2. It is, therefore, affected by multiple vulnerabilities as referenced in the Wednesday February 14 2024 Security Releases advisory.

- On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges. Impacts: Thank you, to Tobias Nieen for reporting this vulnerability and for fixing it. (CVE-2024-21892)

- A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service (DoS). The server reads an unbounded number of bytes from a single connection, exploiting the lack of limitations on chunk extension bytes. The issue can cause CPU and network bandwidth exhaustion, bypassing standard safeguards like timeouts and body size limits. Impacts: Thank you, to Bartek Nowotarski for reporting this vulnerability and thank you Paolo Insogna for fixing it. (CVE-2024-22019)

- The permission model protects itself against path traversal attacks by calling path.resolve() on any paths given by the user. If the path is to be treated as a Buffer, the implementation uses Buffer.from() to obtain a Buffer from the result of path.resolve(). By monkey-patching Buffer internals, namely, Buffer.prototype.utf8Write, the application can modify the result of path.resolve(), which leads to a path traversal vulnerability. Impacts: Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. Thank you, to Tobias Nieen for reporting this vulnerability and for fixing it. (CVE-2024-21896)

- setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid().
This allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid(). Impacts: Thank you, to valette for reporting this vulnerability and thank you Tobias Nieen for fixing it. (CVE-2024-22017)

- A vulnerability in the privateDecrypt() API of the crypto library, allowed a covert timing side-channel during PKCS#1 v1.5 padding error handling. The vulnerability revealed significant timing differences in decryption for valid and invalid ciphertexts. This poses a serious threat as attackers could remotely exploit the vulnerability to decrypt captured RSA ciphertexts or forge signatures, especially in scenarios involving API endpoints processing Json Web Encryption messages. Impacts: Thank you, to hkario for reporting this vulnerability and thank you Michael Dawson for fixing it. (CVE-2023-46809)

- Node.js depends on multiple built-in utility functions to normalize paths provided to node:fs functions, which can be overwitten with user-defined implementations leading to filesystem permission model bypass through path traversal attack. Impacts: Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. Thank you, to xion for reporting this vulnerability and thank you Rafael Gonzaga for fixing it. (CVE-2024-21891)

- The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: --allow-fs-read=/home/node/.ssh/*.pub will ignore pub and give access to everything after .ssh/. Impacts: Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. Thank you, to Tobias Nieen for reporting this vulnerability and thank you Rafael Gonzaga for fixing it. (CVE-2024-21890)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Upgrade to Node.js version 18.19.1 / 20.11.1 / 21.6.2 or later.

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

8.5 (CVSS:3.0/E:U/RL:O/RC:C)

5.9

0.1041

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

7.4 (CVSS2#E:U/RL:OF/RC:C)

I

Published: 2024/02/21, Modified: 2025/04/03

Path : C:\Program Files (x86)\nodejs\
Installed version : 18.16.1
Fixed version : 18.19.1

The remote host is affected by multiple vulnerabilities

The versions of Java installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2025 CPU advisory.

- Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX (gstreamer)). Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf; Oracle GraalVM Enterprise Edition: 20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM Enterprise Edition. (CVE-2024-47606)

- Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX (WebKitGTK)). Supported versions that are affected are Oracle Java SE: 8u441; Oracle GraalVM Enterprise Edition: 20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM Enterprise Edition. (CVE-2024-54534)

- Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Node (Node.js)). Supported versions that are affected are Oracle GraalVM for JDK: 17.0.14 and 21.0.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle GraalVM for JDK executes to compromise Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle GraalVM for JDK accessible data as well as unauthorized access to critical data or complete access to all Oracle GraalVM for JDK accessible data. (CVE-2025-23083)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Apply the appropriate patch according to the April 2025 Oracle Critical Patch Update advisory.

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

9.1 (CVSS:3.0/E:F/RL:O/RC:C)

7.4

0.0067

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

8.3 (CVSS2#E:F/RL:OF/RC:C)

I

Published: 2025/04/18, Modified: 2025/08/12

Path : C:\Program Files\Java\jdk-17\
Installed version : 17.0.12 / build 17.0.12
Fixed version : Upgrade to version 17.0.15 or greater

The remote host is affected by multiple vulnerabilities

The versions of Java installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2025 CPU advisory.

- Vulnerability in Oracle Java SE (component: JavaFX (libxml2)). Supported versions that are affected are Oracle Java SE: 8u451-b50. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Java SE. (CVE-2024-40896)

- Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. (CVE-2025-30749)

- Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. While the vulnerability is in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. (CVE-2025-50059)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Apply the appropriate patch according to the July 2025 Oracle Critical Patch Update advisory.

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

8.8 (CVSS:3.0/E:P/RL:O/RC:C)

6.7

0.0023

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

7.8 (CVSS2#E:POC/RL:OF/RC:C)

I

Published: 2025/07/18, Modified: 2025/10/30

Path : C:\Program Files\Java\jdk-17\
Installed version : 17.0.12 / build 17.0.12
Fixed version : Upgrade to version 17.0.16 or greater

The remote Windows host is affected by a .NET Core vulnerability

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 2024_Jan_09 advisory.

- NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability (CVE-2024-0057)

- .NET Denial of Service Vulnerability (CVE-2024-20672)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Update .NET Core, remove vulnerable packages and refer to vendor advisory.

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

8.5 (CVSS:3.0/E:U/RL:O/RC:C)

7.4

0.0864

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

7.4 (CVSS2#E:U/RL:OF/RC:C)

I

Published: 2024/01/10, Modified: 2024/02/16

Path : C:\Program Files (x86)\dotnet\shared\Microsoft.NETCore.App\6.0.25\
Installed version : 6.0.25
Fixed version : 6.0.26

Path : C:\Program Files (x86)\dotnet\shared\Microsoft.NETCore.App\8.0.0\
Installed version : 8.0.0
Fixed version : 8.0.1

Path : C:\Program Files (x86)\dotnet\shared\Microsoft.NetCore.App\7.0.10\
Installed version : 7.0.10.32713
Fixed version : 7.0.15

Path : C:\Program Files\dotnet\shared\Microsoft.NETCore.App\6.0.25\
Installed version : 6.0.25
Fixed version : 6.0.26

Path : C:\Program Files\dotnet\shared\Microsoft.NETCore.App\7.0.10\
Installed version : 7.0.10.32713
Fixed version : 7.0.15

Path : C:\Program Files\dotnet\shared\Microsoft.NETCore.App\8.0.0\
Installed version : 8.0.0
Fixed version : 8.0.1

The Microsoft .NET Framework installation on the remote host is missing a security update.

The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities, as follows:

- Denial of service vulnerability in Microsoft .NET Framework. (CVE-2023-36042, CVE-2024-21312)

- Security feature bypass in System.Data.SqlClient SQL data provider. An attacker can perform a man-in-the-middle attack on the connection between the client and server in order to read and modify the TLS traffic. (CVE-2024-0056)

- Security feature bypass in applications that use the X.509 chain building APIs. When processing an untrusted certificate with malformed signatures, the framework returns an incorrect reason code.
Applications which make use of this reason code may treat this scenario as a successful chain build, potentially bypassing the application's typical authentication logic. (CVE-2024-0057)

Microsoft has released security updates for Microsoft .NET Framework.

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

8.5 (CVSS:3.0/E:U/RL:O/RC:C)

9.0

0.0864

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

7.4 (CVSS2#E:U/RL:OF/RC:C)

I

Published: 2024/01/10, Modified: 2024/03/29

Microsoft .NET Framework 4.8
The remote host is missing one of the following rollup KBs :

Cumulative
- 5033911

C:\Windows\Microsoft.NET\Framework\v4.0.30319\system.web.dll has not been patched.
Remote version : 4.8.4110.0
Should be : 4.8.4690.0

The Microsoft .NET Framework installation on the remote host is missing a security update.

The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities, as follows:

- Security feature bypass in ASP.NET. An attacker can bypass the security checks that prevents an attacker from accessing internal applications in a website. (CVE-2023-36560)

- Privilege escalation vulnerability in FTP component of .NET Framework. An attacker can inject arbitrary commands to the FTP server. (CVE-2023-36049)

- Information disclosure vulnerability in .NET Framework. An attacker can obtain the ObjRef URI which could lead to remote code execution. (CVE-2024-29059

Microsoft has released security updates for Microsoft .NET Framework.

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

9.1 (CVSS:3.0/E:F/RL:O/RC:C)

8.4

0.9385

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

8.3 (CVSS2#E:F/RL:OF/RC:C)

I

Published: 2023/11/16, Modified: 2025/02/04

Microsoft .NET Framework 4.8
The remote host is missing one of the following rollup KBs :

Cumulative
- 5031990

C:\Windows\Microsoft.NET\Framework\v4.0.30319\system.web.dll has not been patched.
Remote version : 4.8.4110.0
Should be : 4.8.4682.0

The Microsoft SQL Server installation on the remote host is missing a security update.

The Microsoft SQL Server installation on the remote host is missing a security update. It is affected by the following vulnerabilities:

- An elevation of privilege vulnerability. An authenticated, remote attacker can exploit this issue, to gain elevated privileges. (CVE-2024-37341, CVE-2024-37965, CVE-2024-37980)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Microsoft has released security updates for Microsoft SQL Server.

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

8.5 (CVSS:3.0/E:U/RL:O/RC:C)

6.7

0.076

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

7.4 (CVSS2#E:U/RL:OF/RC:C)

I

Published: 2024/09/12, Modified: 2025/01/08

KB : 5042214
- C:\Program Files\Microsoft SQL Server\MSSQL15.MSSQLSERVER\MSSQL\Binn\sqlservr.exe has not been patched.
Remote version : 2019.150.2000.5
Should be : 2019.150.2120.1

SQL Server Version : 15.0.2000.5 Standard Edition
SQL Server Instance : MSSQLSERVER

The Microsoft Visual Studio Products are affected by multiple vulnerabilities.

The Microsoft Visual Studio Products are missing security updates. They are, therefore, affected by multiple vulnerabilities, including:

- Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability (CVE-2023-29356, CVE-2023-32025, CVE-2023-32026, CVE-2023-32027)

- NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability (CVE-2024-0057)

- Visual Studio Elevation of Privilege Vulnerability (CVE-2024-20656)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Microsoft has released the following security updates to address this issue:
- Update 15.9.59 for Visual Studio 2017
- Update 16.11.33 for Visual Studio 2019
- Update 17.2.23 for Visual Studio 2022
- Update 17.4.15 for Visual Studio 2022
- Update 17.6.11 for Visual Studio 2022
- Update 17.8.4 for Visual Studio 2022

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

9.4 (CVSS:3.0/E:H/RL:O/RC:C)

9.0

0.5702

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

8.7 (CVSS2#E:H/RL:OF/RC:C)

I

Published: 2024/01/09, Modified: 2025/11/24

Path : C:\Program Files (x86)\Microsoft Visual Studio\2017\Professional\Common7\IDE\devenv.exe
Installed version : 15.3.26730.8
Fixed version : 15.9.34407.156 (15.9.59)

Path : C:\Program Files\Microsoft Visual Studio\2022\Professional\Common7\IDE\devenv.exe
Installed version : 17.8.34330.188
Fixed version : 17.8.34408.163 (17.8.4)

The Microsoft Visual Studio Products are affected by multiple vulnerabilities.

The Microsoft Visual Studio Products are missing security updates. They are, therefore, affected by multiple vulnerabilities, including:

- Recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution. (CVE-2024-32002)

- Remote Code Execution while cloning special-crafted local repositories. (CVE-2024-32004)

- A Remote Code Execution vulnerability exists in .NET 7.0 and .NET 8.0 where a stack buffer overrun occurs in .NET Double Parse routine. (CVE-2024-30045)

- A Vulnerability exists in Microsoft.AspNetCore.Server.Kestrel.Core.dll where a dead-lock can occur resulting in Denial of Service. (CVE-2024-30046)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Microsoft has released the following security updates to address this issue:
- Update 15.9.62 for Visual Studio 2017
- Update 16.11.36 for Visual Studio 2019
- Update 17.4.19 for Visual Studio 2022
- Update 17.6.15 for Visual Studio 2022
- Update 17.8.10 for Visual Studio 2022
- Update 17.9.7 for Visual Studio 2022

High

9.0 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)

8.1 (CVSS:3.0/E:P/RL:O/RC:C)

9.2

0.7959

7.6 (CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)

6.0 (CVSS2#E:POC/RL:OF/RC:C)

I

Published: 2024/05/17, Modified: 2024/06/14

Path : C:\Program Files (x86)\Microsoft Visual Studio\2017\Professional\Common7\IDE\devenv.exe
Installed version : 15.3.26730.8
Fixed version : 15.9.34830.200 (15.9.62)

Path : C:\Program Files\Microsoft Visual Studio\2022\Professional\Common7\IDE\devenv.exe
Installed version : 17.8.34330.188
Fixed version : 17.8.34902.127 (17.8.10)

The Microsoft Visual Studio Products are affected by multiple vulnerabilities.

The Microsoft Visual Studio Products are missing security updates. They are, therefore, affected by multiple vulnerabilities, including:

- A remote unauthenticated attacker could exploit this vulnerability by sending specially crafted requests to a .NET vulnerable webapp or loading a specially crafted file into a vulnerable application. (CVE-2024-43498)
- The NrbfDecoder component in .NET 9 contains a denial of service vulnerability due to incorrect input validation. (CVE-2024-43499)

- Elevation of Privilege Vulnerability in Visual Studio C++ Redistributable Installer (CVE-2024-43590)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Microsoft has released the following security updates to address this issue:
- Update 17.6.20 for Visual Studio 2022
- Update 17.8.15 for Visual Studio 2022
- Update 17.10.8 for Visual Studio 2022
- Update 17.11.5 for Visual Studio 2022

Critical

9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

8.5 (CVSS:3.0/E:U/RL:O/RC:C)

6.7

0.0548

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

7.4 (CVSS2#E:U/RL:OF/RC:C)

I

Published: 2024/11/13, Modified: 2025/01/17

Path : C:\Program Files\Microsoft Visual Studio\2022\Professional\Common7\IDE\devenv.exe
Installed version : 17.8.34330.188
Fixed version : 17.8.35430.204 (17.8.16)

A package installed on the remote host is affected by a remote code execution vulnerability.

The version of Apache Log4j on the remote host is 1.2. It is, therefore, affected by a remote code execution vulnerability when specifically configured to use JMSAppender.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Upgrade to Apache Log4j version 2.16.0 or later since 1.x is end of life.

Upgrading to the latest versions for Apache Log4j is highly recommended as intermediate versions / patches have known high severity vulnerabilities and the vendor is updating their advisories often as new research and knowledge about the impact of Log4j is discovered. Refer to https://logging.apache.org/log4j/2.x/security.html for the latest versions.

Medium

7.5 (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

7.0 (CVSS:3.0/E:F/RL:O/RC:C)

6.7

0.722

6.0 (CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P)

5.0 (CVSS2#E:F/RL:OF/RC:C)

I

Published: 2021/12/15, Modified: 2024/06/13

Path : C:\Program Files (x86)\Microsoft SQL Server\150\DTS\Extensions\Common\Jars\log4j-1.2.17.jar
Installed version : 1.2.17
Fixed version : 2.16.0

Path : C:\Program Files\Microsoft SQL Server\150\DTS\Extensions\Common\Jars\log4j-1.2.17.jar
Installed version : 1.2.17
Fixed version : 2.16.0

The remote Windows host has a program that is affected by a denial of service vulnerability.

The version of Curl installed on the remote host is affected by a denial of service vulnerability due to accepting and storing unlimited large headers.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Upgrade Curl to version 8.3.0 or later

High

7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

6.7 (CVSS:3.0/E:P/RL:O/RC:C)

4.4

0.1447

7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

6.1 (CVSS2#E:POC/RL:OF/RC:C)

I

Published: 2023/09/14, Modified: 2024/10/07

Path : c:\windows\system32\curl.exe
Installed version : 8.0.1.0
Fixed version : 8.3.0

Path : c:\windows\syswow64\curl.exe
Installed version : 8.0.1.0
Fixed version : 8.3.0

The remote Windows host is affected by multiple vulnerabilities.

The remote Windows host is missing security update 5030214. It is, therefore, affected by multiple vulnerabilities

- Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability (CVE-2023-35355)

- DHCP Server Service Denial of Service Vulnerability (CVE-2023-38162)

- Windows GDI Elevation of Privilege Vulnerability (CVE-2023-36804, CVE-2023-38161)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Apply Security Update 5030214

High

8.8 (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

8.4 (CVSS:3.0/E:H/RL:O/RC:C)

9.5

0.7891

8.3 (CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C)

7.2 (CVSS2#E:H/RL:OF/RC:C)

I

Core Impact (true)

Published: 2023/09/12, Modified: 2024/10/23

The remote host is missing one of the following rollup KBs :
- 5030214

- C:\Windows\system32\ntoskrnl.exe has not been patched.
Remote version : 10.0.17763.4737
Should be : 10.0.17763.4851

The remote Windows host is affected by multiple vulnerabilities.

The remote Windows host is missing security update 5033371. It is, therefore, affected by multiple vulnerabilities

- Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006)

- Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability (CVE-2023-36696)

- Win32k Elevation of Privilege Vulnerability (CVE-2023-36011)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Apply Security Update 5033371

Critical

8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

8.2 (CVSS:3.0/E:F/RL:O/RC:C)

8.4

0.3857

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

8.3 (CVSS2#E:F/RL:OF/RC:C)

I

Core Impact (true)

Published: 2023/12/12, Modified: 2025/10/31

The remote host is missing one of the following rollup KBs :
- 5033371

- C:\Windows\system32\ntoskrnl.exe has not been patched.
Remote version : 10.0.17763.4737
Should be : 10.0.17763.5202

The remote Windows host is affected by multiple vulnerabilities.

The remote Windows host is missing security update 5034127. It is, therefore, affected by multiple vulnerabilities

- Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654)

- BitLocker Security Feature Bypass Vulnerability (CVE-2024-20666)

- Windows Kerberos Security Feature Bypass Vulnerability (CVE-2024-20674)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Apply Security Update 5034127

Critical

8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

7.9 (CVSS:3.0/E:P/RL:O/RC:C)

8.4

0.5194

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

7.8 (CVSS2#E:POC/RL:OF/RC:C)

I

Published: 2024/01/09, Modified: 2024/06/17

The remote host is missing one of the following rollup KBs :
- 5034127

- C:\Windows\system32\ntoskrnl.exe has not been patched.
Remote version : 10.0.17763.4737
Should be : 10.0.17763.5328

The remote Windows host is affected by multiple vulnerabilities.

The remote Windows host is missing security update 5034768. It is, therefore, affected by multiple vulnerabilities

- Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21350, CVE-2024-21352, CVE-2024-21358, CVE-2024-21359, CVE-2024-21360, CVE-2024-21361, CVE-2024-21365, CVE-2024-21366, CVE-2024-21367, CVE-2024-21368, CVE-2024-21369, CVE-2024-21370, CVE-2024-21375, CVE-2024-21391, CVE-2024-21420)

- Windows Kernel Elevation of Privilege Vulnerability (CVE-2024-21338, CVE-2024-21371)

- Windows Kernel Information Disclosure Vulnerability (CVE-2024-21340)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Apply Security Update 5034768

Critical

8.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

8.4 (CVSS:3.0/E:H/RL:O/RC:C)

9.5

0.9377

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

8.7 (CVSS2#E:H/RL:OF/RC:C)

I

Core Impact (true)

Published: 2024/02/13, Modified: 2025/10/09

The remote host is missing one of the following rollup KBs :
- 5034768

- C:\Windows\system32\ntoskrnl.exe has not been patched.
Remote version : 10.0.17763.4737
Should be : 10.0.17763.5458

The remote Windows host is affected by multiple vulnerabilities.

The remote Windows host is missing security update 5035849. It is, therefore, affected by multiple vulnerabilities

- Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166)

- Windows USB Hub Driver Remote Code Execution Vulnerability (CVE-2024-21429)

- Windows USB Attached SCSI (UAS) Protocol Remote Code Execution Vulnerability (CVE-2024-21430)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Apply Security Update 5035849

Critical

8.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

7.7 (CVSS:3.0/E:H/RL:O/RC:C)

9.5

0.3458

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

8.7 (CVSS2#E:H/RL:OF/RC:C)

I

Core Impact (true)

Published: 2024/03/12, Modified: 2025/10/22

The remote host is missing one of the following rollup KBs :
- 5035849

- C:\Windows\system32\ntoskrnl.exe has not been patched.
Remote version : 10.0.17763.4737
Should be : 10.0.17763.5576

The remote Windows host is affected by multiple vulnerabilities.

The remote Windows host is missing security update 5036896. It is, therefore, affected by multiple vulnerabilities

- SmartScreen Prompt Security Feature Bypass Vulnerability (CVE-2024-29988)

- Secure Boot Security Feature Bypass Vulnerability (CVE-2024-20669, CVE-2024-26168, CVE-2024-26171, CVE-2024-26175, CVE-2024-26180, CVE-2024-26189, CVE-2024-26194, CVE-2024-26240, CVE-2024-26250, CVE-2024-28896, CVE-2024-28897, CVE-2024-28898, CVE-2024-28903, CVE-2024-28919, CVE-2024-28920, CVE-2024-28921, CVE-2024-28922, CVE-2024-28923, CVE-2024-28924, CVE-2024-28925, CVE-2024-29061, CVE-2024-29062)

- Windows rndismp6.sys Remote Code Execution Vulnerability (CVE-2024-26252, CVE-2024-26253)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Apply Security Update 5036896

Critical

7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

7.5 (CVSS:3.0/E:H/RL:O/RC:C)

9.6

0.8317

10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

8.7 (CVSS2#E:H/RL:OF/RC:C)

I