Microsoft SharePoint - Remote Code Execution

Microsoft SharePoint is vulnerable to a remote code execution when the software fails to check the source markup of an application package. id: CVE-2020-16952 info: name: Microsoft SharePoint - Remote Code Execution author: dwisiswant0 severity: high description: Microsoft SharePoint is vulnerabl...

Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting

Microsoft Exchange Server is vulnerable to a spoofing vulnerability. Be aware this CVE ID is unique from CVE-2021-42305. id: CVE-2021-41349 info: name: Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting author: rootxharsh,iamnoooob severity: medium description: Microsoft Exchange...

Photon OS 5.0: Linux PHSA-2026-5.0-0849

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0849. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

ASB-A-428945391

In VerifyNoOverlapInSessions of apexd.cpp, there is a possible way to block security updates due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

SUSE SLES15 Security Update : postgresql14 (SUSE-SU-2026:2117-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2117-1 advisory. This update for postgresql14 fixes the following issues Update to version 14.23. Security issues: - CVE-2026-6472: ensure the user...

Vulnerability handling in Palo Alto Networks PAN-OS and Prisma Access

Palo Alto Networks has identified a vulnerability in the PAN-OS’ GlobalProtect portal and gateway components. An unauthorized malicious actor can exploit this vulnerability to establish a VPN connection. As a result, the malicious actor gains access to internal systems that are accessible via the...

Microsoft SQL Server Reporting Services - Remote Code Execution

Microsoft SQL Server Reporting Services is vulnerable to a remote code execution vulnerability because it incorrectly handles page requests. id: CVE-2020-0618 info: name: Microsoft SQL Server Reporting Services - Remote Code Execution author: joeldeleep severity: high description: Microsoft SQL...

PT-2026-44990

3/ On the vuln side: FreeSWITCH 1.11.0/1.11.1 fix an unauthenticated SIP PUBLISH DoS CVE-2026-45771 and more; OpenSIPS shipped 12 advisories / 8 CVEs 3 critical; coturn and Janus got security updates too...

Photon OS 5.0: Glibc PHSA-2026-5.0-0857

An update of the glibc package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0857. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Release Information for Veeam Backup for AWS 10.1

Requirements Please confirm that you are running version Veeam Backup for AWS 10 build 10.0.0.232 or later before upgrading. You can find the currently installed build number Product version in the About section under Configuration | Support Information | Updates. After installing Veeam Backup fo...

ALSA-2026:21382 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefo...

Release Information for Veeam Backup for Google Cloud 7.0.1

Requirements Please confirm that you are running version Veeam Backup for Google Cloud 7 build 7.0.0.47 or later before upgrading. You can find the currently installed build number Server version in the About section under Configuration | Support Information | Updates. Release Information 7.0.1.4...

May 26, 2026-KB5092427 Cumulative Update Preview for .NET Framework 3.5 and 4.8.1 for Windows 11, version 25H2

May 26, 2026-KB5092427 Cumulative Update Preview for .NET Framework 3.5 and 4.8.1 for Windows 11, version 25H2 Release Date: May 26, 2026 Version: .NET Framework 3.5 and 4.8.1 The May 26, 2026 update for Windows 11, version 25H2 includes security and cumulative reliability improvements in .NET...

Fedora 43 : aw-server-rust / awatcher / nodejs-aw-webui (2026-c9d4e8b9a4)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-c9d4e8b9a4 advisory. Rebuilt with openssl 0.10.79 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...

RockyLinux 10 : java-25-openjdk (RLSA-2026:9693)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:9693 advisory. JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improved Arena allocations CVE-2026-22008 JDK: Improve Kerberos credentialing CVE-2026-22013...

RHSA-2026:18957 Red Hat Security Advisory: python3.11 security update

Bulletin has no description...

Astra Linux - уязвимость в webkit2gtk

“Clear History and Website Data” did not successfully clear the browsing history. The issue was resolved through improved data deletion mechanisms. This issue has been fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3, and iPadOS 14.3, as we...

Drupal core - Highly critical - SQL injection - SA-CORE-2026-004

Drupal core includes a database abstraction API to ensure that queries executed against the database are sanitized to prevent SQL injection attacks. A vulnerability in this API allows an attacker to send specially crafted requests, resulting in arbitrary SQL injection for sites using PostgreSQL...

Photon OS 4.0: Linux PHSA-2026-4.0-1021

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1021. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Fedora 42 : kernel (2026-db3618772b)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-db3618772b advisory. The 6.19.14-106 kernel build contains additional mitigations for new code paths in fragnesia, and a couple of other security updates without fancy names or...