KB5087537: Windows 10 Version 1607 / Windows Server 2016 Security Update (May 2026)

The remote Windows host is missing security update 5087537. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVE-2026-41089 - Heap-based buffer overflow in Windows Win32K - GRFX...

Microsoft Windows Admin Center Local Privilege Escalation (February 2026)

The remote Windows host is running a version of Microsoft Windows Admin Center that is missing a security update. It is, therefore, affected by a local privilege escalation vulnerability. Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a...

openSUSE Security Advisory (SUSE-SU-2026:0433-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Updates for Microsoft Exchange Server (February 2026)

The Microsoft Exchange Server installed on the remote host is missing a security update. It is, therefore, affected by a vulnerability as referenced in the February, 2026 security bulletin. - User interface ui misrepresentation of critical information in Microsoft Exchange Server allows an...

MiracleLinux 7 : kernel-3.10.0-1160.42.2.el7 (AXSA:2021-2411:20)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2411:20 advisory. kernel: use-after-free in route4change in net/sched/clsroute.c CVE-2021-3715 Tenable has extracted the preceding description block directly from the...

KB5070886: Windows Server 2012R2 WSUS RCE (CVE-2025-59287)

The remote Windows host is missing security update 5070879, which addresses a remote code execution vulnerability in Windows Server Update Services WSUS. This plugin identifies vulnerable systems by performing the following checks: 1. Validates the host is an affected Windows Server instance. 2...

KB5070883: Windows Server 2019 WSUS RCE (CVE-2025-59287)

The remote Windows host is missing security update 5070879, which addresses a remote code execution vulnerability in Windows Server Update Services WSUS. This plugin identifies vulnerable systems by performing the following checks: 1. Validates the host is an affected Windows Server instance. 2...

KB5070881: Windows Server 2025 WSUS RCE (CVE-2025-59287)

The remote Windows host is missing security update 5070879, which addresses a remote code execution vulnerability in Windows Server Update Services WSUS. This plugin identifies vulnerable systems by performing the following checks: 1. Validates the host is an affected Windows Server instance. 2...

KB5066837: Windows 10 LTS 1507 Security Update (October 2025)

The remote Windows host is missing security update 5066837. It is, therefore, affected by multiple vulnerabilities - tifpredict.h and tifpredict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual til...

KB5066791: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (October 2025)

The remote Windows host is missing security update 5066791. It is, therefore, affected by multiple vulnerabilities - tifpredict.h and tifpredict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual til...

Microsoft Office 2016 RCE Vulnerability (KB5002766)

This host is missing an critical security update according to Microsoft KB5002766 SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KB5065507: Windows Server 2012 R2 Security Update (September 2025)

The remote Windows host is missing security update 5065507. It is, therefore, affected by multiple vulnerabilities - SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make t...

Security Updates for Microsoft Visual Studio Products (August 2025)

The Microsoft Visual Studio Products are missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2025-53773 Note that Nessu...

Microsoft Windows Multiple Vulnerabilities (KB5063871)

This host is missing an important security update according to Microsoft KB5063871 SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

KB5063927: Windows Server 2008 R2 Security Update (August 2025)

The remote Windows host is missing security update 5063927. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. CVE-2025-53766 - Concurrent execution using shared resource with improper...

Security Updates for Microsoft Excel Products (August 2025)

The Microsoft Excel Products are missing a security update. They are, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2025-53735, CVE-2025-53737,...

KB5063950: Windows Server 2012 R2 Security Update (August 2025)

The remote Windows host is missing security update 5063950. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. CVE-2025-53766 - Concurrent execution using shared resource with improper...

Security Updates for Microsoft SQL Server (August 2025)

The Microsoft SQL Server installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - An elevation of privilege vulnerability. CVE-2025-53727 Note that Nessus has not tested for this issue but has instead relied only on the application...

KB5055527: Windows Server version 23H2 Security Update (April 2025)

The remote Windows host is missing security update 5055527. It is, therefore, affected by multiple vulnerabilities - Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network. CVE-2025-26687 - A remote code execution vulnerability. An attacker ca...

AlmaLinux 9 : pam (ALSA-2024:11250)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:11250 advisory. pam: libpam: Libpam vulnerable to read hashed password CVE-2024-10041 Tenable has extracted the preceding description block directly from the AlmaLinux security...