845 matches found
RockyLinux 8 : python27:2.7 (RLSA-2023:2860)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:2860 advisory. Python: CPU denial of service via inefficient IDNA decoder CVE-2022-45061 Tenable has extracted the preceding description block directly from the RockyLinux...
Oracle Linux 9 : podman (ELSA-2026-26445)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-26445 advisory. - Rebuild for CVE-2026-32283 - Rebuild for CVE-2026-25679 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...
AlmaLinux 9 : tomcat (ALSA-2026:26323)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:26323 advisory. tomcat: Apache Tomcat: Certificate revocation bypass due to improper OCSP response validation CVE-2026-24734 Tenable has extracted the preceding description block...
Oracle Linux 9 : post (ELSA-2026-26205)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-26205 advisory. 2:3.5.25-3 - Fix for CVE-2026-43964: buffer over-read via malformed enhanced status code. Resolves: RHEL-176550 Tenable has extracted the preceding description...
Oracle Linux 9 : skopeo (ELSA-2026-28074)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-28074 advisory. - Rebuild for CVE-2026-32283 - Rebuild for CVE-2026-25679 Tenable has extracted the preceding description block directly from the Oracle Linux securit...
Oracle Linux 8 : evince (ELSA-2026-28998)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-28998 advisory. - Fix CVE-2026-46529: quote string arguments passed to evspawn Tenable has extracted the preceding description block directly from the Oracle Linux security...
Oracle Linux 9 : fence-agents (ELSA-2026-13672)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13672 advisory. - bundled cryptography: replace with dependency to fix CVE-2026-26007 Tenable has extracted the preceding description block directly from the Oracle...
AlmaLinux 10 : memcached (ALSA-2026:27842)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:27842 advisory. memcached: memcached: Username enumeration via timing side channel CVE-2026-47783 Tenable has extracted the preceding description block directly from the AlmaLin...
RockyLinux 8 : dracut (RLSA-2026:26534)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:26534 advisory. dracut: dracut: Root code execution via DHCP options command injection CVE-2026-6893 Tenable has extracted the preceding description block directly from the...
Oracle Linux 8 : post (ELSA-2026-25932)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-25932 advisory. 2:3.5.8-8 - Fix for CVE-2026-43964: buffer over-read via malformed enhanced status code. Resolves: RHEL-176548 Tenable has extracted the preceding description...
MiracleLinux 8 : httpd:2.4 (AXSA:2026-786:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-786:01 advisory. httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 Tenable has extracted the preceding description block...
RockyLinux 8 : frr (RLSA-2026:24340)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:24340 advisory. frr: denial of service via crafted FlowSpec component CVE-2026-37457 Tenable has extracted the preceding description block directly from the RockyLinux security...
AlmaLinux 9 : redis (ALSA-2026:23229)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:23229 advisory. redis: RESTORE invalid memory access may allow remote code execution CVE-2026-25243 Tenable has extracted the preceding description block directly from the...
TrueConf Windows Client < 8.5.3.884 Download of Code Without Integrity Check Vulnerability (CVE-2026-3502)
The version of TrueConf Windows Client installed on the remote host is prior to 8.5.3.884. It is, therefore, affected by a vulnerability: â A remote code execution vulnerability exists in the TrueConf Client update mechanism due to lack of cryptographic verification of update packages. An...
MiracleLinux 8 : ruby:3.3 (AXSA:2026-769:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-769:01 advisory. erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 Tenable has extracted the preceding description block directly from the...
Medium: sendmail
Issue Overview: sendmail through at least 8.14.7 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail...
CVE-2026-42251
Use of hard-coded credentials in KS-SOMED allowed an unauthorized attacker access to FTP server that hosted the application's update packages. The attacker with these credentials could upload a malicious update file, which then may have been distributed and installed on client machines as a...
RockyLinux 9 : vim (RLSA-2026:22717)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:22717 advisory. vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 Tenable has extracted the preceding description block directl...
RockyLinux 10 : PackageKit (RLSA-2026:19141)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19141 advisory. PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 Tenable has extracted the preceding description block...
RockyLinux 10 : nginx (RLSA-2026:19159)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19159 advisory. nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 Tenable has extracted the preceding description block directly from the RockyLinux security...