9445 matches found
Low: python3.14-pip
Issue Overview: pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such as installing "incorrect" files according to the filename of the archive. New behavior...
Unity Linux 20.1060e / 20.1070e Security Update: nodejs-jison (UTSA-2026-016653)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016653 advisory. Insufficient input validation in npm package jison = 0.4.18 may lead to OS command injection attacks. Tenable has extracted the preceding description block directly...
AlmaLinux 8 : libsndfile (ALSA-2026:19559)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:19559 advisory. libsndfile: integer overflow in imareaderinit CVE-2026-37555 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: unbound: python3-unbound-1.25.1-0.1.hum1 aarch64, x8664 unbound-1.25.1-0.1.hum1 aarch64, x8664 unbound-anchor-1.25.1-0.1.hum1 aarch64, x8664 unbound-devel-1.25.1-0.1.hum1 aarch64, x8664...
Fedora 44 : pgadmin4 (2026-68f6155fea)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-68f6155fea advisory. Update to pgadmin4-9.15. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-140.11.0esr-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For...
OPENSUSE-SU-2026:10815-1 libsdb2_4_2-6.1.4-2.1 on GA media
These are all security issues fixed in the libsdb242-6.1.4-2.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10813-1 firefox-esr-140.11.0-1.1 on GA media
These are all security issues fixed in the firefox-esr-140.11.0-1.1 package on the GA media of openSUSE Tumbleweed...
CLEANSTART-2026-BS27946 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-35469, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-39883, CVE-2026-42499, CVE-2026-42501, ghsa-78h2-9frx-2jm8, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-pc3f-x583-g7j2, ghsa-xmrv-pmrh-hhx2 applied in versions: 1.16.2-r2, 1.17.2-r0, 1.17.2-r1, 1.18.0-r0, 1.18.0-r1, 1.18.0-r2, 1.18.0-r3
Multiple security vulnerabilities affect the velero-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
OPENSUSE-SU-2026:10806-1 postgresql14-14.23-1.1 on GA media
These are all security issues fixed in the postgresql14-14.23-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10807-1 postgresql15-15.18-1.1 on GA media
These are all security issues fixed in the postgresql15-15.18-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10785-1 apache2-2.4.67-1.1 on GA media
These are all security issues fixed in the apache2-2.4.67-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10787-1 expat-2.8.1-1.1 on GA media
These are all security issues fixed in the expat-2.8.1-1.1 package on the GA media of openSUSE Tumbleweed...
[SECURITY] Fedora 44 Update: rust-sequoia-chameleon-gnupg-0.13.1-12.fc44
Sequoia's reimplementation of the GnuPG interface...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: dotnet8.0: aspnetcore-runtime-8.0-8.0.27-1.hum1 aarch64, x8664 aspnetcore-runtime-dbg-8.0-8.0.27-1.hum1 aarch64, x8664 aspnetcore-targeting-pack-8.0-8.0.27-1.hum1 aarch64, x8664...
Medium: python3-tornado
Issue Overview: In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to .RequestHandler.setcookie were not checked for crafted characters. CVE-2026-35536 Affected Packages: python3-tornado Note: This advisory is applicable to Amazon Linu...
Photon OS 4.0: Python3 PHSA-2026-4.0-1014
An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1014. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Updated sed packages fix security vulnerability
Race Condition in GNU Sed. CVE-2026-5958...
OPENSUSE-SU-2026:10771-1 google-osconfig-agent-20260511.00-1.1 on GA media
These are all security issues fixed in the google-osconfig-agent-20260511.00-1.1 package on the GA media of openSUSE Tumbleweed...
Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017356)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017356 advisory. buildmodel in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the Unity...