RHEL 9 : libyang (RHSA-2026:25051)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:25051 advisory. Libyang is YANG data modeling language parser and toolkit written and providing API in C. Security Fixes: libyang: libyang: Denial of Service or...

RHEL 10 : valkey (RHSA-2026:25216)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25216 advisory. Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists,...

RockyLinux 9 : redis (RLSA-2026:23229)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:23229 advisory. redis: RESTORE invalid memory access may allow remote code execution CVE-2026-25243 Tenable has extracted the preceding description block directly from the...

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-11332)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-11332 advisory. - A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : poppler vulnerability (USN-8400-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8400-1 advisory. It was discovered that poppler incorrectly handled certain malformed PDF tiling patterns in the Splash backend. An attacker could...

Ubuntu 26.04 LTS : Twig vulnerability (USN-8408-1)

The remote Ubuntu 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8408-1 advisory. It was discovered that Twig did not properly validate PHP callables when using a source policy. An authenticated user could possibly use this issue to execute...

MiracleLinux 8 : libyang-1.0.184-2.el8_10.ML.1 (AXSA:2026-777:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2026-777:01 advisory. libyang: libyang: Denial of Service or arbitrary code execution via maliciously crafted LYB binary blob CVE-2026-44673 Tenable has extracted the preceding...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : strongSwan vulnerability (USN-8407-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8407-1 advisory. Elliott Childre discovered that strongSwan incorrectly handled the cloning of certain identities. A remote attacker could use this...

aioHTTP < 3.14.0 Multiple Vulnerabilities

The version of aioHTTP installed on the remote host is prior to 3.14.0. It is, therefore, affected by multiple vulnerabilities: - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, using CookieJar.load with untrusted input may allow arbitrary...

FreeBSD : Erlang/OTP -- buffer overflow parsing SCTP ERROR/ABORT chunks (d87db2a1-64d4-11f1-ab11-4c526214c986)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d87db2a1-64d4-11f1-ab11-4c526214c986 advisory. https://github.com/erlang/otp/security/advisories/GHSA-6f4f-chj5-5g97 reports: A buffer overflow error...

Linux Distros Unpatched Vulnerability : CVE-2026-44293

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs generated JavaScript for toObject conversion could...

ROS-20260611-73-0029

The vulnerability in freerdp is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20260611-73-0015

The vulnerability of the cleardecompressbandsdata function in the RDP client FreeRDP is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failures...

ROS-20260611-73-0031

The vulnerability in freerdp is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20260611-73-0037

The vulnerability in freerdp is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20260611-73-0038

The vulnerability in freerdp3 is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20260611-73-0032

The vulnerability in freerdp3 is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20260611-73-0009

The vulnerability of the cleardecompress function in the RDP client FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failures...

ROS-20260611-73-0017

The vulnerability of the updatepointernew function in the RDP client FreeRDP relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code and cause service failures...

ROS-20260611-73-0016

The vulnerability of the cleardecompressbandsdata function in the RDP client FreeRDP is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failures...