1067 matches found
Joomla 4.0.x < 5.4.7 / 6.0.x < 6.1.2 Joomla 6.1.2 & 5.4.7 Security & Bugfix Release (5955-joomla-6-1-2-5-4-7-security-bugfix-release)
According to its self-reported version, the instance of Joomla! running on the remote web server is 4.0.x prior to 5.4.7 or 6.0.x prior to 6.1.2. It is, therefore, affected by a vulnerability. - An improper access check allows unauthorized users to create custom fields via webservices endpoints...
FreeBSD : openvpn -- multiple vulnerabilities (ffa897a0-756f-11f1-b291-a74de6bb0320)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ffa897a0-756f-11f1-b291-a74de6bb0320 advisory. The OpenVPN community project team reports: ... OpenVPN 2.7.5 ... is a bugfix release fixing...
Linux Distros Unpatched Vulnerability : CVE-2026-11771
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - openvpn - None Ubuntu Linux - 1-byte buffer overrun on NTLMv2 proxy responses CVE-2026-11771 Note that Nessus relies on the presence of the packa...
RLSA-2026:33722 Important: container-tools:rhel8 security, bug fix, and enhancement update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via...
SUSE-SU-2026:2254-1 Security update 5.0.8 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-QubitProducts-exporterexporter: - Security Fixes: - CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter bsc1248707 golang-github-prometheus-nodeexporter was updated from version 1.5.0 to 1.10.2: - Security Fixes: - Version...
wifi: mwifiex: fix use-after-free in mwifiex_adapter_cleanup()
...
CVE-2026-45997
CVE-2026-45997 concerns the Linux kernel SCSI disk driver (sd). The issue arises when device_add(&sdkp->disk_dev) fails during sd_probe; as a result, put_device() calls lead to scsi_disk_release() freeing the scsi_disk but leaving the gendisk referenced. The fix adds a missing put_disk(gd) in ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: iavf: fixed the hang that occurs upon reboot with ice When a system with E810 and existing VFs is rebooted, the following hang may occur. PID 1 is hung in iavfremove, part of a network driver: PID: 1 TASK: ffff965400e5a340 CPU...
Fedora 43 : SDL2_image (2026-f1f87b465a)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f1f87b465a advisory. Update to bugfix release 2.8.12. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
Fedora 42 : SDL2_image (2026-8ac58f5cf3)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-8ac58f5cf3 advisory. Update to bugfix release 2.8.12. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
Security update for curl
This update for curl fixes the following issues: Security issues fixed: CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. CVE-2026-6253: proxy credentials leak over redirect-to proxy bsc1262635. CVE-2026-6276:...
SUSE-SU-2026:1940-1 Security update for curl
This update for curl fixes the following issues: Security issues fixed: - CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. - CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. - CVE-2026-6253: proxy credentials leak over redirect-to proxy bsc1262635. -...
Fedora 44 : SDL2_image (2026-7fe0476df9)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-7fe0476df9 advisory. Update to bugfix release 2.8.12. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
Unbreakable Enterprise kernel security update: Copy Fail
5.4.17-2136.354.4.2 - crypto: algifaead - Fix minimum RX size check for decryption Herbert Xu Orabug: 39292250 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl Herbert Xu Orabug: 39292250 - crypto: authencesn - Fix src offset when decrypting in-place Herbert Xu Orabug: 39292250 -...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2025-39998: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow bsc1252073. CVE-2025-68794: iomap: adjust read range correctly for...
EUVD-2026-24790
In the Linux kernel, the following vulnerability has been resolved: ext4: replace BUGON with proper error handling in ext4readinlinefolio Replace BUGON with proper error handling when inline data size exceeds PAGESIZE. This prevents kernel panic and allows the system to continue running while...
CVE-2026-31451
In the Linux kernel, the following vulnerability has been resolved: ext4: replace BUGON with proper error handling in ext4readinlinefolio Replace BUGON with proper error handling when inline data size exceeds PAGESIZE. This prevents kernel panic and allows the system to continue running while...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007495)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007495 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid UAF in f2fssyncinodemeta syzbot reported an UAF issue as below: 1 2 1...
Joomla 4.0.x < 5.4.4 / 6.0.x < 6.0.4 Joomla 6.0.4 & 5.4.4 Security & Bugfix Release (5944-joomla-6-0-4-5-4-4-security-bugfix-release)
According to its self-reported version, the instance of Joomla! running on the remote web server is 4.0.x prior to 5.4.4 or 6.0.x prior to 6.0.4. It is, therefore, affected by a vulnerability. - An improper access check allows unauthorized access to webservice endpoints. CVE-2026-23899 Note that...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpicmpui bsc1254992. CVE-2024-38542: RDMA/manaib: boundary check before installing cq callbacks bsc122659...