28140 matches found
RHEL 8 : poppler (RHSA-2026:27724)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:27724 advisory. Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: Integer overflow in Poppl...
Oracle Linux 8 : postgresql:15 (ELSA-2026-26181)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-26181 advisory. - Fix CVE-2026-6478 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...
RockyLinux 8 : 389-ds:1.4 (RLSA-2026:26459)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:26459 advisory. 389-ds-base: 389-ds-base: unbounded LDAP controls count in getldapmessagecontrolsext causes CPU and heap amplification remote DoS CVE-2026-9064 Tenable has...
AlmaLinux 8 : dracut (ALSA-2026:26534)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:26534 advisory. dracut: dracut: Root code execution via DHCP options command injection CVE-2026-6893 Tenable has extracted the preceding description block directly from the...
MiracleLinux 8 : dracut-049-244.git20260529.el8_10 (AXSA:2026-806:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-806:01 advisory. dracut: dracut: Root code execution via DHCP options command injection CVE-2026-6893 Tenable has extracted the preceding description block directly from the...
RockyLinux 8 : dracut (RLSA-2026:26534)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:26534 advisory. dracut: dracut: Root code execution via DHCP options command injection CVE-2026-6893 Tenable has extracted the preceding description block directly from the...
UltraJSON: Malformed/Truncated UTF-8 Accepted and Silently Rewritten in ujson.dumps()
Summary ujson.dumps or ujson.dump or ujson.encode have a rejectbytes=False option. When set, they may accept malformed or truncated UTF-8 byte sequences, silently rewriting them into different Unicode characters instead of rejecting them. This leads to input validation bypass and data integrity...
xorg-x11-server-Xwayland security, bug fix, and enhancement update
An update is available for xorg-x11-server-Xwayland. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Xwayland is an X server for running X clients under Wayland...
dracut security update
An update is available for dracut. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The dracut packages contain an event-driven initial RAM file system initramfs...
RHEL 8 : thunderbird (RHSA-2026:26536)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:26536 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript...
Security Bulletin: Use of Aspera products with Windows XP/IE 8
Question Security Bulletin: Use of Aspera products with Windows XP/IE 8 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All Versions","Edition":"","Line...
EUVD-2026-37719
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpcharsetmodule module. When content is served or proxied through a location block with both sourcecharset utf-8; and a charset directive for example, charset koi8-r; configured, remote, unauthenticated attackers can send requests ...
libpng15 security update
An update is available for libpng15. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libpng15 package provides libpng 1.5, an older version of the libpng...
hplip security update
An update is available for hplip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The hplip packages contain the Hewlett-Packard Linux Imaging and Printing Proje...
redis:6 security update
An update is available for redis, module.redis. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Redis is an advanced key-value store. It is often referred to as ...
openssl security update
An update is available for openssl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transpo...
rsync security update
An update is available for rsync. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The rsync utility enables the users to copy and synchronize files locally or...
libxml2 security update
An update is available for libxml2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libxml2 library is a development toolbox providing the implementation of...
CVE-2026-46883
creationtimestamp| type| source ---|---|--- 2026-06-17 05:31:59+00:00| seen| https://www.acn.gov.it/portale/w/critical-patch-update-di-oracle-8 2026-06-20 15:07:08+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3moq53oaz2r2y...
CVE-2026-35315
creationtimestamp| type| source ---|---|--- 2026-06-17 05:31:59+00:00| seen| https://www.acn.gov.it/portale/w/critical-patch-update-di-oracle-8 2026-07-02 14:37:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mpoayzmmrz2n...