RHEL 8 : python3 (RHSA-2026:9289)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:9289 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

Linux Distros Unpatched Vulnerability : CVE-2025-66442

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel in RSA and CBC/ECB decryption that only occurs with LLVM's select-optimize feature...

EUVD-2021-29080

Malicious code in bioql PyPI...

Fedora 41 : mingw-gstreamer1 / mingw-gstreamer1-plugins-bad-free / etc (2025-dd97126e3a)

The remote Fedora 41 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-dd97126e3a advisory. Update to 1.26.3. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

Linux Distros Unpatched Vulnerability : CVE-2017-17053

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The initnewcontext function in arch/x86/include/asm/mmucontext.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation...

PT-2025-33309 · Itsourcecode · Itsourcecode Online Tour/Travel Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A SQL injection issue exists in itsourcecode Online Tour and Travel Management System version 1.0. The vulnerability is located in the /admin/operations/packages.p...

Linux Distros Unpatched Vulnerability : CVE-2023-52723

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In KDE libksieve before 23.03.80, kmanagesieve/session.cpp places a cleartext password in server logs because a username variable is accidentally given a passwo...

Linux Distros Unpatched Vulnerability : CVE-2018-1304

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The URL pattern of the empty string which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27,...

Linux Distros Unpatched Vulnerability : CVE-2020-27068

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Product: AndroidVersions: Android kernelAndroid ID: A-127973231References: Upstream kernel CVE-2020-27068 Note that Nessus relies on the presence of the package...

Alibaba Cloud Linux 3 : 0089: cryptsetup (ALINUX3-SA-2021:0089)

"The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0089 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-14382: A vulnerability was found in...

Alibaba Cloud Linux 3 : 0086: gcc-toolset-12-binutils (ALINUX3-SA-2023:0086)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0086 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-4285: An illegal memory access flaw was...

Fedora 39 / 40 : java-1.8.0-openjdk-portable / java-17-openjdk-portable (2025-5c15947cd4)

The remote Fedora 39 / 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-5c15947cd4 advisory. April 2025 CPU Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for thi...

MGASA-2025-0095 Updated python-django packages fix security vulnerability

An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings. CVE-2025-26699...

Linux Distros Unpatched Vulnerability : CVE-2024-56378

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc. CVE-2024-56378 Note...

Linux Distros Unpatched Vulnerability : CVE-2022-49587

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcp: Fix a data-race around sysctltcpnotsentlowat. While reading sysctltcpnotsentlowat, it can be changed concurrently. Thus, we need to add READONCE to its...

Linux Distros Unpatched Vulnerability : CVE-2022-3235

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use After Free in GitHub repository vim/vim prior to 9.0.0490. CVE-2022-3235 Note that Nessus relies on the presence of the package as reported by the vendor...

Linux Distros Unpatched Vulnerability : CVE-2020-6824

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open...

Linux Distros Unpatched Vulnerability : CVE-2022-49304

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drivers: tty: serial: Fix deadlock in sa1100settermios There is a deadlock in sa1100settermios, which is shown below: Thread 1 | Thread 2 | sa1100enablems...

Linux Distros Unpatched Vulnerability : CVE-2023-45236

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized acce...

Linux Distros Unpatched Vulnerability : CVE-2023-48104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Alinto SOGo before 5.9.1 is vulnerable to HTML Injection. CVE-2023-48104 Note that Nessus relies on the presence of the package as reported by the vendor...