-
Notifications
You must be signed in to change notification settings - Fork 0
Home
This wiki serves as a comprehensive repository for documenting a wide range of security vulnerabilities. My goal is to provide detailed information on each vulnerability. This resource is intended for security professionals, system administrators, software developers, and anyone interested in securing their systems against known vulnerabilities.
You can navigate the wiki using the sidebar, which categorizes vulnerabilities by their common themes or affected technologies. Each category leads to specific pages that detail individual vulnerabilities. Here's a brief description of what you can find in each section:
This section covers vulnerabilities related to Microsoft products and technologies, including Windows operating systems, Microsoft Office applications, and development tools.
Find details on vulnerabilities associated with SSL/TLS certificates, including issues with certificate trust, configuration, and deprecated protocols.
Explore vulnerabilities specific to the OpenSSL library, which is widely used for implementing secure communications.
This category documents issues in Apache products, such as the Apache HTTP server, Apache Tomcat, and Apache Log4j, focusing on both remote execution and denial of service vulnerabilities.
Access information on vulnerabilities affecting Oracle Java SE and related products like Amazon Corretto and OpenJDK.
Discover a variety of other critical vulnerabilities that do not neatly fit into the other categories but are essential to secure systems, including vulnerabilities in software like 7-Zip, Adobe Acrobat, and networking protocols.
We welcome contributions from the community! If you have suggestions for new entries or updates to existing ones, please feel free to edit the wiki pages. For major changes or new categories, please open an issue in the repository to discuss the changes before implementing them.
Your feedback is invaluable. If you have any questions, comments, or concerns about the information presented here, please use the repository's Issues section to communicate with us.
Thank you for visiting my Nessus-Security-Vulnerabilities-Wiki. I hope this resource is helpful in your efforts to understand and mitigate security risks.
- Home - Return to this main page.
- Explore detailed vulnerability categories and entries via the sidebar.
- Microsoft Teams < 1.6.0.11166 Information Disclosure↗
- Microsoft Teams < 1.6.0.18681 RCE↗
- Microsoft Windows Unquoted Service Path Enumeration↗
- Microsoft XML Parser (MSXML) and XML Core Services Unsupported↗
- Security Updates for Microsoft .NET Framework↗
- Security Updates for Microsoft Office Products C2R↗
- Security Updates for Microsoft SQL Server↗
- Windows Defender Antimalware/Antivirus Signature Definition Check↗
- Windows Speculative Execution Configuration Check↗
- WinVerifyTrust Signature Validation CVE-2013-3900 Mitigation↗
- SSL Certificate Cannot Be Trusted↗
- SSL Certificate Chain Contains RSA Keys Less Than 2048 bits↗
- SSL Certificate with Wrong Hostname↗
- SSL Medium Strength Cipher Suites Supported (SWEET32)↗
- SSL Self-Signed Certificate↗
- SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam)↗
- TLS Version 1.0 Protocol Detection↗
- TLS Version 1.1 Protocol Deprecated↗
- Apache 2.4.x < 2.4.58 Multiple Vulnerabilities↗
- Apache Log4j Vulnerabilities↗
- Apache Solr Unauthenticated Access Information Disclosure↗
- Apache Struts Vulnerabilities↗
- Apache Tomcat Vulnerabilities↗
- Amazon Corretto Java 11.x < 11.0.19.7.1 Multiple Vulnerabilities↗
- OpenJDK Vulnerabilities↗
- Oracle Java SE Vulnerabilities↗
- 7-Zip < 23.00 Multiple Vulnerabilities↗
- Adobe Acrobat Vulnerabilities↗
- AMQP Cleartext Authentication↗
- Artifex Ghostscript < 10.2.1 DoS↗
- Chargen UDP Service Remote DoS↗
- Curl 7.84 <= 8.2.1 Header DoS (CVE-2023-38039)↗
- Echo Service Detection↗
- HSTS Missing From HTTPS Server (RFC 6797)↗
- HTTP TRACE / TRACK Methods Allowed↗
- Insecure Windows Service Permissions↗
- Keepass < 2.54 Information disclosure↗
- Notepad++ < 8.5.7 Multiple Buffer Overflow Vulnerabilities↗
- Quote of the Day (QOTD) Service Detection↗
- VMware Tools 10.3.x / 11.x / 12.x < 12.3.5 Token Bypass↗
- X Server Detection↗
- Template -> Use this template for new vulnerabilities