Photon OS 4.0: Expat PHSA-2026-4.0-1002

An update of the expat package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1002. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

March Linux Patch Wednesday

MarchLinux Patch Wednesday. In March, Linux vendors began addressing 575 vulnerabilities, which is 57 fewer than in February. Of these, 93 are in the Linux Kernel ⬇️ a significant decrease - there were 305 in February. There are two vulnerabilities with signs of in-the-wild exploitation: 🔻 RCE -...

Fedora 44 : mingw-expat (2026-cf814a1a06)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-cf814a1a06 advisory. Update to 2.7.5. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

CVE-2025-55277 HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability

HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability using which an attacker may make use of the exploits available across the internet and craft attacks against the application...

CVE-2025-55277 HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability

HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability using which an attacker may make use of the exploits available across the internet and craft attacks against the application...

Linux Distros Unpatched Vulnerability : CVE-2025-52204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Cross-Site Scripting XSS vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter CVE-2025-52204 Note tha...

Fedora 42 : chromium (2026-7ffd130a98)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-7ffd130a98 advisory. Update to 146.0.7680.80 CVE-2026-3909: Out of bounds write in Ski Tenable has extracted the preceding description block directly from the Fedora...

Photon OS 5.0: Vim PHSA-2026-5.0-0785

An update of the vim package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0785. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid30275...

Fedora 44 : python-lxml-html-clean (2026-f46fc594f3)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f46fc594f3 advisory. Security update for python-lxml-html-clean Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

Photon OS 5.0: Go PHSA-2026-5.0-0763

An update of the go package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0763. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid299285...

MiracleLinux 7 : httpd-2.4.6-98.7.0.1.el7.AXS7 (AXSA:2023-5265:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5265:04 advisory. httpd: HTTP request splitting with modrewrite and modproxy CVE-2023-25690 Tenable has extracted the preceding description block directly from the MiracleLinu...

MiracleLinux 9 : zlib-1.2.11-31.el9.1 (AXSA:2022-3946:07)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3946:07 advisory. zlib: A flaw found in zlib when compressing not decompressing certain inputs CVE-2018-25032 Tenable has extracted the preceding description block directly fr...

RockyLinux 8 : postgresql:15 (RLSA-2025:1739)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:1739 advisory. postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 Tenable has extracted the preceding...

Linux Distros Unpatched Vulnerability : CVE-2024-5158

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in V8 in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to potentially perform arbitrary read/write via a crafted HTML page...

Linux Distros Unpatched Vulnerability : CVE-2024-50665

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gpac 2.4 contains a SEGV at src/isomedia/drmsample.c:1562:96 in isomcencgetsaibysaizsaio in MP4Box. CVE-2024-50665 Note that Nessus relies on the presence of th...

Linux Distros Unpatched Vulnerability : CVE-2024-6232

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are...

Linux Distros Unpatched Vulnerability : CVE-2024-5160

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

Linux Distros Unpatched Vulnerability : CVE-2021-47643

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: irtoy: free before error exiting Fix leak in error path. CVE-2021-47643 Note that Nessus relies on the presence of the package as reported by the vendor...

Linux Distros Unpatched Vulnerability : CVE-2022-3037

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use After Free in GitHub repository vim/vim prior to 9.0.0322. CVE-2022-3037 Note that Nessus relies on the presence of the package as reported by the vendor...

Linux Distros Unpatched Vulnerability : CVE-2022-48560

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free exists in Python through 3.9 via heappushpop in heapq. CVE-2022-48560 Note that Nessus relies on the presence of the package as reported by the...