446641 matches found
[SECURITY] [DSA 6358-1] libhttp-daemon-perl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6358-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 21, 2026 https://www.debian.org/security/faq -...
CVE-2026-56396
phpMyFAQ before 4.1.4 contains missing authorization vulnerabilities in editUser and updateUserRights endpoints that allow authenticated administrators to escalate privileges. Non-SuperAdmin users with edituser permission can set issuperadmin flag or grant arbitrary rights to escalate to SuperAdm...
[SECURITY] [DSA 6356-1] imagemagick security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6356-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 21, 2026 https://www.debian.org/security/faq -...
EUVD-2026-38162
phpMyFAQ before 4.1.4 contains missing authorization vulnerabilities in editUser and updateUserRights endpoints that allow authenticated administrators to escalate privileges. Non-SuperAdmin users with edituser permission can set issuperadmin flag or grant arbitrary rights to escalate to SuperAdm...
ROOT-APP-MAVEN-CVE-2025-24970 CVE-2025-24970 in io.root.io.netty:netty-handler - Patched by Root
Root has patched CVE-2025-24970 in the io.root.io.netty:netty-handler package for Root:Maven. Multiple fixed versions available...
UBUNTU-CVE-2026-52911
In the Linux kernel, the following vulnerability has been resolved: ksmbd: scope conn-binding slowpath to bound sessions only When the binding SESSIONSETUP sets conn-binding = true, the flag stays set after the call so that the global session lookup in ksmbdsessionlookupall can find the session,...
ROOT-APP-MAVEN-CVE-2026-34480 CVE-2026-34480 in io.root.org.apache.logging.log4j:log4j-core - Patched by Root
Root has patched CVE-2026-34480 in the io.root.org.apache.logging.log4j:log4j-core package for Root:Maven. Multiple fixed versions available...
Debian dsa-6359 : gstreamer1.0-gtk3 - security update
The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6359 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6359-1 [email protected] https://www.debian.org/securit...
Oracle Linux 8 : dracut (ELSA-2026-26534)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-26534 advisory. 049-244.git20260529.0.1 - Refactor getucodefile Orabug: 36989953 - Revert the fixes for bugs 33676753 and 33888951 due to regressions Orabug: 35656614 - Fix ty...
Photon OS 4.0: Wireshark PHSA-2026-4.0-1036
An update of the wireshark package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1036. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Fedora 43 : python3.13 (2026-2deb979d80)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2deb979d80 advisory. New Python release including bugfixes and security fixes. Tenable has extracted the preceding description block directly from the Fedora security...
Fedora 44 : yt-dlp (2026-bb702c613b)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-bb702c613b advisory. - Update to 2026.06.09. Fixes rhbz2487407. - Mitigates CVE-2026-50019, CVE-2026-50023, CVE-2026-50574 Tenable has extracted the preceding descriptio...
Fedora 43 : ansible-core (2026-f027f57724)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f027f57724 advisory. - Mitigates CVE-2026-11332 rhbz2485397 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...
Fedora 44 : python3.13 (2026-dfc9182263)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-dfc9182263 advisory. New Python version including bugfixes and security fixes. Tenable has extracted the preceding description block directly from the Fedora security...
Fedora 44 : 389-ds-base (2026-6d00814a85)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6d00814a85 advisory. Resolves: CVE-2026-9064 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
Fedora 43 : kubernetes1.33 (2026-c2a89ccca5)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-c2a89ccca5 advisory. - Update to release 1.33.13 - Resolves: rhbz2467604 - Upstream fix Tenable has extracted the preceding description block directly from the Fedora security...
Fedora 43 : kubernetes1.35 (2026-0544eff1d8)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-0544eff1d8 advisory. - Update to release v1.35.6 - Resolves: rhbz2467606 - Upstream fixes Tenable has extracted the preceding description block directly from the Fedora security...
Fedora 43 : kubernetes1.34 (2026-88ab77d111)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-88ab77d111 advisory. - Update to release v1.34.9 - Resolves: rhbz2467605 - Upstream fixes Tenable has extracted the preceding description block directly from the Fedora security...
CVE-2026-56276
Flowise (Flowise) before 3.1.2 has a mass-assignment vulnerability in PUT /api/v1/user that lets an authenticated user modify the credential field without validation. The attacker can bypass password-change verification and session invalidation by supplying a crafted password hash, enabling persi...
RHSA-2026:27355 Red Hat Security Advisory: kernel security update
Bulletin has no description...