Security Updates for Microsoft Windows Admin Center (May 2026)

The Microsoft Windows Admin Center installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Missing authorization in Windows Admin Center allows an authorized attacker to elevate privileges over a network. CVE-2026-35438 - Improper access...

Security Updates for Microsoft SharePoint Server 2019 (February 2026)

The Microsoft SharePoint Server 2019 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...

Security Updates for Azure Connected Machine Agent < 1.49

The Microsoft Azure Connected Machine Agent installation on the remote host is missing security updates. It is, therefore, affected by an elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. Note that Nessus has not tested for this issue but has instead...

Security Updates for Microsoft Word Products C2R (August 2025)

The Microsoft Word Products are missing security updates. It is, therefore, affected by multiple remote code execution vulnerabilities that attackers can exploit to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for these issues but has instead...

Security Updates for Microsoft Dynamics 365 (on-premises) (August 2025) - CVE-2025-53728

The Microsoft Dynamics 365 on-premises is missing security updates. It is, therefore, affected by an information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. Note that Nessus has not tested for this issue but has instead relied only on the...

Security Updates for Microsoft Office Products (August 2025)

The Microsoft Office Products are missing security updates. They are, therefore, affected by multiple vulnerabilities. - A Remote Code Execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2025-53731, CVE-2025-53740 Note th...

Security Updates for Microsoft SharePoint Server Subscription Edition (August 2025)

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by an privilege escalation Vulnerability. %NASLMINLEVEL 70300 C Tenable, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Security Updates for Microsoft Office Online Server (August 2025)

The Microsoft Office Online Server installation on the remote host is missing security updates. It is, therefore, affected by multiple remote code execution vulnerabilities. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. %NASLMINLEVEL 80900 C...

Security Updates for Microsoft SharePoint Server Subscription Edition (July 2025)

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple security vulnerabilities: - Improper limitation of a pathname to a restricted directory 'path traversal' in Microsoft Office SharePoint allows a...

Fedora 41 : dnsdist (2025-1d6a5aa3d8)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-1d6a5aa3d8 advisory. Update to 1.9.9 to fix CVE-2025-30194 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

Kubernetes 安全漏洞

Kubernetes K8s is an open source system for automating the deployment, scaling, and management of containerized applications from the Kubernetes open source. A security vulnerability exists in Kubernetes that stems from the use of the deprecated in-tree gitRepo volume feature, which could lead to...

Fedora 41 : mingw-qt5-qt3d / mingw-qt5-qtactiveqt / mingw-qt5-qtbase / etc (2024-02ccd4daed)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-02ccd4daed advisory. Update to qt-5.15.12. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

Fedora 40 : python3.11 (2024-985017d277)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-985017d277 advisory. Security fix for CVE-2024-8088 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...

Fedora 39 : python-setuptools (2024-9ed182a5d3)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-9ed182a5d3 advisory. Security fix for CVE-2024-6345. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

RHEL 9 : java-17-openjdk (RHSA-2023:5753)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5753 advisory. The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixe...

RHEL 9 : curl (RHSA-2023:5763)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5763 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTT...

RHEL 8 : thunderbird (RHSA-2023:3596)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3596 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.12.0. Security Fixes: Mozilla...

Fedora 37 : kernel (2023-4f2cf7e5d2)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-4f2cf7e5d2 advisory. The 6.2.12 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly from the...

Fedora 36 : firefox (2023-50f9eb7aca)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-50f9eb7aca advisory. - New upstream update 112.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...

CBL Mariner 2.0 Security Update: bind (CVE-2022-3080)

The version of bind installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3080 advisory. - By sending specific queries to the resolver, an attacker can cause named to crash. CVE-2022-3080 Note that Ness...