20 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-3890
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hcd-ohci: infinite loop NOTE: Fixed by: https://gitlab.com/qemu- project/qemu/-/commit/129922c2bc398b656a9180150e667f98fdf0d402 v11.0.0-rc1 CVE-2026-3890...
Linux Distros Unpatched Vulnerability : CVE-2025-14876
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to...
Linux Distros Unpatched Vulnerability : CVE-2025-59023
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crafted delegations or IP fragments can poison cached delegations in Recursor. CVE-2025-59023 Note that Nessus relies on the presence of the package as reported...
Linux Distros Unpatched Vulnerability : CVE-2022-0249
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not...
Linux Distros Unpatched Vulnerability : CVE-2020-2892
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.19 and prior. Easily...
Linux Distros Unpatched Vulnerability : CVE-2022-27378
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the component Createtmptable::finalize of MariaDB Server v10.7 and below was discovered to allow attackers to cause a Denial of Service DoS via...
Linux Distros Unpatched Vulnerability : CVE-2025-22247
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to...
Linux Distros Unpatched Vulnerability : CVE-2017-12952
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The LoadString function in helper.h in libgig 4.0.0 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a...
Linux Distros Unpatched Vulnerability : CVE-2022-32816
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a...
Linux Distros Unpatched Vulnerability : CVE-2021-41490
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory leaks in LazyPRM.cpp of OMPL v1.5.0 can cause unexpected behavior. CVE-2021-41490 Note that Nessus relies on the presence of the package as reported by t...
Linux Distros Unpatched Vulnerability : CVE-2021-22262
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing access control in all GitLab versions starting from 13.12 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from...
Linux Distros Unpatched Vulnerability : CVE-2024-3958
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. An issue was found that allow...
Linux Distros Unpatched Vulnerability : CVE-2023-29541
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firefox did not properly handle downloads of files ending in .desktop, which can be interpreted to run attacker-controlled commands. This bug only affects Firef...
Linux Distros Unpatched Vulnerability : CVE-2017-7797
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Response header name interning does not have same-origin protections and these headers are stored in a global registry. This allows stored header names to be...
Linux Distros Unpatched Vulnerability : CVE-2021-29985
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird...
Linux Distros Unpatched Vulnerability : CVE-2025-6433
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge that the user would ...
Linux Distros Unpatched Vulnerability : CVE-2021-47354
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/sched: Avoid data corruptions Wait for all dependencies of a job to complete before killing it to avoid data corruptions. CVE-2021-47354 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2022-49951
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Fix use-after-free during unregister In the following code within...
Fedora 41 : java-17-openjdk (2025-22226bdb44)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-22226bdb44 advisory. April 2025 CPU Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this iss...
EulerOS 2.0 SP12 : golang (EulerOS-SA-2024-2951)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to...