6677 matches found
Important: kernel-livepatch-5.10.248-247.988
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...
Advisory ROSA-SA-2026-3267
software: kernel-5.15 5.15.193 WASP: ROSA-CHROME unaffected versions = kernel-5.15-5.15.193-5 affected versions kernel-5.15-5.15.193-5 CVE-ID: CVE-2026-43284 BDU-ID: None CVE-Crit: NO DATA CVE-DESC.: A vulnerability in the Linux kernel xfrm subsystem ESP allows data decryption over non-packet skb...
Advisory ROSA-SA-2026-3258
software: kernel-6.1 6.1.152 OS: ROSA-CHROME unaffected versions = kernel-6.1-6.1.1.152-3 affected versions kernel-6.1-6.1.152-3 CVE-ID: CVE-2026-31431 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in the Linux kernel crypto subsystem crypto: algifaead. Attempts to perform AEAD "in-place"...
Advisory ROSA-SA-2026-3257
software: kernel-6.12 6.12.74 WASP: ROSA-CHROME unaffected versions = kernel-6.12-6.12.74-5 affected versions kernel-6.12-6.12.74-5 CVE-ID: CVE-2026-31431 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in the Linux kernel crypto subsystem crypto: algifaead. Attempts to perform AEAD "in-plac...
PT-2026-38152
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description An inappropriate implementation in Navigation allows a remote attacker who has compromised the renderer process to bypass site isolation using a crafted HTML page. Site isolation is a...
PT-2026-38199
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient policy enforcement in DevTools allows an attacker to perform UI spoofing via a crafted Chrome Extension, provided they can convince a user to install the malicious extensio...
Oracle Linux 7 : python3 (ELSA-2026-9745)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-9745 advisory. 3.6.8-21.0.11 - Security update CVE-2026-4519 Orabug: 39246828 Tenable has extracted the preceding description block directly from the Oracle Linux security...
PT-2026-38153
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description A race condition in the Speech component allows a remote attacker who has already compromised the renderer process to obtain potentially sensitive information from process memory by usi...
Fedora 44 : insight (2026-f72d44d09e)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f72d44d09e advisory. Fix CVE-2026-6846. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
Linux Distros Unpatched Vulnerability : CVE-2026-6321
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fast-uri decoded percent-encoded path separators and dot segments before applying dot-segment removal in its normalize and equal functions. Encoded path data wa...
Fedora 42 : rust-sequoia-git (2026-6f64d2e143)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6f64d2e143 advisory. Update to version 0.6.0. Addresses RUSTSEC-2026-0109. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
Fedora 43 : insight (2026-e0f5e87dd6)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e0f5e87dd6 advisory. Fix CVE-2026-6846. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
CVE-2026-7768 @fastify/accepts-serializer vulnerable to Denial of Service via Unbounded Accept Header Cache Growth
@fastify/accepts-serializer cached serializer-selection results keyed by the request Accept header without a size limit or eviction policy. A remote unauthenticated client could send many distinct but matching Accept header variants to make the cache grow unbounded, eventually exhausting the...
PT-2026-36989
Name of the Vulnerable Software and Affected Versions phpVMS versions 7.x through 7.0.5 Description A critical issue in the legacy importer component allows unauthenticated access to a deprecated import feature. A remote attacker can trigger internal processes to modify or delete application data...
RHCOS 4 : OpenShift Container Platform 4.15.11 (RHSA-2024:2071)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2071 advisory. - jose-go: improper handling of highly compressed data CVE-2024-28180 Note that Nessus has not tested for this issue but has instead relied...
RHCOS 4 : OpenShift Container Platform 4.17.16 (RHSA-2025:1122)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:1122 advisory. - cri-o: CRI-O Path Traversal in Log Handling Functions Allows Arbitrary Unmounting CVE-2025-0750 Note that Nessus has not tested for this...
RHCOS 6 : haproxy (RHSA-2013:0729)
The remote Red Hat Enterprise Linux CoreOS 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2013:0729 advisory. - haproxy: rewrite rules flaw can lead to arbitrary code execution CVE-2013-1912 Note that Nessus has not tested for this issue but has inste...
PT-2026-36729
Name of the Vulnerable Software and Affected Versions MindsDB versions prior to 26.01 Description A remote deserialization issue exists in the Pickle Handler component. The flaw occurs within the pickle.loads function, allowing an attacker to execute a manipulation that leads to insecure...
Fedora 43 : python3.14 (2026-97a8eb204a)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-97a8eb204a advisory. Security fixes for CVE-2026-1502, CVE-2026-4786, CVE-2026-5713, CVE-2026-6100 Tenable has extracted the preceding description block directly from th...
Fedora 42 : openssh (2026-d08c298940)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d08c298940 advisory. Fixes high severity CVE: - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode Tenable has extracted the...