1553 matches found
CVE-2026-43984 Tautulli has stored XSS in logFile via guest-controlled log_js_errors input
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose log_js_errors to any authenticated user, including guest users when guest access is enabled. The endpoint writes attacker-controlled strings directly into the main application log. The...
WordPress Symposium <=15.8.1 - Cross-Site Scripting
WordPress Symposium through 15.8.1 contains a reflected cross-site scripting vulnerability via the wp-content/plugins/wp-symposium/getalbumitem.php?size parameter which allows an attacker to steal cookie-based authentication credentials and launch other attacks. id: CVE-2015-9414 info: name:...
Apache HTTP Server - Remote Code Execution
Apache HTTP Server 2.4.32 to 2.4.44 contains an info disclosure and possible remote code execution caused by a vulnerability in mod_proxy_uwsgi, letting remote attackers access sensitive information and potentially execute arbitrary code; exploitation requires sending crafted requests. id: CVE-2020-1198...
Chromium: CVE-2026-9972 Uninitialized Use in Gamepad
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
ROOT-OS-UBUNTU-2204-CVE-2025-38708 CVE-2025-38708 in rootio-linux - Patched by Root
Root has patched CVE-2025-38708 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...
SUSE SLED15 / SLES15 Security Update : docker (SUSE-SU-2026:2033-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2033-1 advisory. This update for docker rebuilds it against the current go security release. Tenable has extracted the preceding...
Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-8254-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8254-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
TencentOS Server 4: kernel (TSSA-2026:0287)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0287 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Oracle Linux 10 : image-builder (ELSA-2026-13642)
The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-13642 advisory. 45-1.0.4 - Rebuilt to fix CVE-2026-25679, CVE-2026-27137 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...
TencentOS Server 2: squid (TSSA-2026:0280)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0280 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
Astra Linux - vulnerability in linux-6.1
In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: The issue related to GPF in bitmap_get_stats has been fixed. The commit message for commit 6ec1f0239485 “md/md-bitmap: fix stats collection for external bitmaps” states: “Remove the external bitmap check, as statistic...
Fedora 44 : rauc (2026-17dbeca425)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-17dbeca425 advisory. version bumped from 1.15.1 to 1.15.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...
RHSA-2026:10711 Red Hat Security Advisory: python3.12 security update
Bulletin has no description...
Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2026-9686)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9686 advisory. 1:17.0.19.0.10-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.19.0.10-1 - Update to jdk-17.0.19+10 GA - Add to .gitignore...
CVE-2026-23431
In the Linux kernel, the following vulnerability has been resolved: spi: amlogic-spisg: Fix memory leak in aml_spisg_probe In aml_spisg_probe, ctlr is allocated by spi_alloc_target/spi_alloc_host, but fails to call spi_controller_put in several error paths. This leads to a memory leak whenever the driver...
RHSA-2026:6469 Red Hat Security Advisory: libpng15 security update
Bulletin has no description...
Fedora 42 : containernetworking-plugins (2026-7ed700921c)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-7ed700921c advisory. Update to release v1.9.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
USN-8059-9 linux-azure-fips vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; CVE-2025-22037, CVE-2025-37899...
PT-2026-27122
Name of the Vulnerable Software and Affected Versions NetScaler ADC and NetScaler Gateway versions 14.1-66.54 Description A race condition exists when the appliance is configured as a Gateway SSL VPN, ICA Proxy, CVPN, RDP Proxy or an AAA virtual server, potentially leading to user session mixup...
ruby4.0-rubygem-rack-3.1.18-1.3 on GA media (moderate)
ruby4.0-rubygem-rack-3.1.18-1.3 on GA media Announcement ID: openSUSE-SU-2026:10358-1 Rating: moderate Cross-References: CVE-2013-0262 CVE-2013-0263 CVE-2015-3225 CVE-2018-16471 CVE-2019-16782 CVE-2020-8184 CVE-2022-30122 CVE-2022-30123 CVE-2022-44570 CVE-2022-44571 CVE-2022-44572 CVE-2023-27530...