ARK-Web Co., Ltd. Security Vulnerabilities

Oracle Web Determinations Detection

The remote web server hosts Oracle Web Determinations, a web-based interactive assessment system that is a component of Oracle Policy...

Open Web Analytics Detection

The remote web server is hosting Open Web Analytics, a web application framework for tracking and analyzing website and web application...

Amazon Web Services Settings

This script initializes the credentials used for Amazon Web Services checks done via the...

McAfee Web Gateway Detection

The remote host is a McAfee Web Gateway (MWG) Appliance. MWG acts as a proxy server and provides web filtering and monitoring...

Checkbox Survey Web Detection

Checkbox Survey, a web application for creating surveys was detected on the remote host. Note: If credentials for HTTP basic authentication / digest are supplied, then an attempt to retrieve the version information from the API will be...

Rancher Web Interface Detection

Rancher, a Kubernetes management platform, was detected based on the web...

AXIS Web Interface Detection

Nessus was able to detect the web interface for an AXIS device on the remote...

CVE-2024-1067

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. On Armv8.0 cores, there are certain combinations of the...

Junos J-Web Detection

Junos J-Web, a web application for sending and receiving SMS, was detected on the remote...

CockroachDB Web Console Detection

Detects the web console for CockroachDB on the remote...

OpenWrt Web UI Detection.

OpenWrt web user interface detected on remote...

Buffalo TeraStation Web detection

Buffalo TeraStation, a network attached storage (NAS), was detected based on the web...

pfSense Web Interface Detection

The web interface for pfSense was detected on the remote host. pfSense is an open source firewall based on...

Belkin Web Interface Detection

Nessus was able to detect the web administration interface for a Belkin device on the remote...

Barracuda Web Filter Detection

The remote host appears to be a Barracuda Web Filter device, used to control access to websites and applications by end...

ClearSCADA Web Server Detection

The remote host is running the ClearSCADA web server, part of a software platform for managing and monitoring remote SCADA...

BMC Compuware iStrobe Web - 20.13 - Pre-auth RCE

...

wap-co-nop-sitiowebsc.azurewebsites.net Cross Site Scripting vulnerability OBB-3852309

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Wipro Holmes Orchestrator 20.4.1 - Log File Disclosure

...

WP Post Author – Enhance Your Posts with the Author Bio, Co-Authors, Guest Authors, and Post Rating System, including User Registration Form Builder <= 3.6.4 - Missing Authorization

Description The WP Post Author plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 3.6.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an...

(RHSA-2024:1916) Important: Red Hat JBoss Web Server 6.0.2 release and security update

Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This...

(RHSA-2024:1917) Important: Red Hat JBoss Web Server 6.0.2 release and security update

Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This...

CVE-2023-38817

An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echo_driver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by...

CVE-2022-41142

This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to configure poller resources. The issue results from the lack of proper...

Moxa NPort Unprotected Web Console

The remote Moxa NPort Web Console is not protected by a ...

(RHSA-2024:1914) Important: Red Hat JBoss Web Server 5.8.0 release and security update

Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This...

(RHSA-2024:1913) Important: Red Hat JBoss Web Server 5.8.0 release and security update

Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This...

co-iki.org Cross Site Scripting vulnerability OBB-3898416

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Malicious code in cuckoo-3-web-ui-tooling (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (adbea70f2acb33710c8ecb7e13e55c24980ccd349854aa6c82915d2829359e15) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

turn8.co Cross Site Scripting vulnerability OBB-3899708

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2023-6363

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. If the system’s memory is carefully prepared by the user, then this in turn could give them...

CVE-2024-28285

A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of Cryptopp Crypto++ 8.9, allows an attacker to co-reside in the same system with a victim process to disclose information and escalate...

Veeam ONE Web Client Page Fails to Load After Updating .NET Runtime Components

Make sure all .NET runtime versions match, then restart the Veeam ONE Reporting...

Apache Kylin Web UI Detection

The web user interface for Apache Kylin was detected on the remote...

Tableau Server Web UI Detection

The web user interface for Tableau Server was detected on the remote...

Netwrix Auditor Web API Detection

Netwrix Auditor, an auditing and optimization solution used for compliance operations was detected on the remote host via the Netwrix Integrator API. Note: HTTP basic authentication credentials are required by the API for reliable detection. Alternatively, when the paranoid setting is enabled the.....

ThoughtWorks GoCD Web interface detection

ThoughtWorks GoCD, a CI / CD server, was detected based on the web...

Draytek VigorConnect Web UI Detection

The web application running on the remote web server is Draytek VigorConnect. Draytek VigorConnect is a network management web application for DrayTek...

CODESYS V2 Web Server Detection

The CODESYS V2 web server is running on the remote...

Apache Flink Web UI Detection

Apache Flink web user interface detected on remote host. Apache Flink is an open-source, unified stream-processing and batch-processing framework developed by the Apache Software...

Cisco Aironet Web UI Detection.

Cisco Aironet web user interface detected on remote host. Note that HTTP credentials are required to retrieve the...

Apache Pluto Web Interface Detection

The web interface for Apache Pluto was detected on the remote host. Apache Pluto is a portlet specification reference implementation and technology compliance...

Embedded HP Web Server Detected

The remote host has been identified as using an HP embedded web...

Nokia VitalQIP Web Client Detection

The remote host is running an instance of VitalQIP, an DNS, DHCP, and IP address (DDI) management system. VitalQIP was originally created by Alcatel-Lucent but acquired by...

Grandstream Phone Web Interface Detection

Nessus was able to detect the web interface for a Grandstream phone on the remote...

Zimbra Collaboration Server Web Detection

The web interface for Zimbra Collaboration Server, an open source messaging and collaboration solution, was detected on the remote host. Note the plugin attempts to retrieve the version information without credentials. However, if HTTP Basic credentials are supplied then an attempt to retrieve the....

Dell KACE K1000 Web Detection

The web interface for a Dell KACE K1000 appliance was detected on the remote host. The K1000 is used to manage multiple systems via the...

Web Site Hosting Malicious Binaries

The MD5 sum of one or more binaries hosted on the remote web server matches known malware. This may indicate that the remote site was compromised. Note that Nessus has only scanned files with the following extensions : exe , dll , scr , drv , sys , bat , cmd , com , cpl , csh , gadget ,...

SAP Solution Manager Web Detection

The web interface for SAP Solution Manager was detected on the remote host. SAP Solution Manager is application lifecycle management software. Note: This plugin does not report anything. Instead, it collects information stored in host tags for the future development of this...

Tenable Core Web Interface Detection

A Tenable Core Web Interface was detected on the remote...