53 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-45957
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dnsmasq 2.86 has a heap-based buffer overflow in answerrequest called from FuzzAnswerTheRequest and fuzzrfc1035.c. NOTE: the vendor's position is that...
Linux Distros Unpatched Vulnerability : CVE-2024-28593
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Chat activity in Moodle 4.3.3 allows students to insert a potentially unwanted HTML A element or IMG element, or HTML content that leads to a performance...
Linux Distros Unpatched Vulnerability : CVE-2022-32089
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component stselectlexunit::excludelevel. CVE-2022-32089 Note that Nessus relies on...
Linux Distros Unpatched Vulnerability : CVE-2022-3123
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site Scripting XSS - Reflected in GitHub repository splitbrain/dokuwiki prior to 2022-07-31a. CVE-2022-3123 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2022-50107
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when using fscache If we hit the 'index == nextcached' case, we leak a...
Linux Distros Unpatched Vulnerability : CVE-2021-47047
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dmamapsingle fails The spi controller supports 44-b...
Linux Distros Unpatched Vulnerability : CVE-2024-7523
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A select option could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This issue only...
Linux Distros Unpatched Vulnerability : CVE-2023-52457
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Don't skip resource freeing if pmruntimeresumeandget failed Returning an...
Fedora 41 : thunderbird (2025-a9d97ce15f)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-a9d97ce15f advisory. Update to 128.13.0 https://www.thunderbird.net/en-US/thunderbird/128.13.0esr/releasenotes/...
Amazon Linux 2023 : docker (ALAS2023-2025-1074)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1074 advisory. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which a...
Oracle Linux 10 : grafana (ELSA-2025-8666)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8666 advisory. - Resolves RHEL-89943: CVE-2025-4123 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gdm (SUSE-SU-2025:02003-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02003-1 advisory. - CVE-2025-6018: Removes pamenv from auth stack for security reason bsc1243226. Tenable has extracted th...
Oracle Linux 8 : git (ELSA-2025-8414)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8414 advisory. 2.43.5-3 - add the option to sanitize sideband channel messages - Resolves: RHEL-74177 Tenable has extracted the preceding description block directly from the...
Oracle Linux 9 : nodejs:22 (ELSA-2025-7433)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7433 advisory. - Patch fix for sqlite CVE-2025-31498 Resolves: RHEL-87319 - Update c-ares to newest version with fix for CVE-2025-31498 Resolves: RHEL-86586 - Update ...
CBL Mariner 2.0 Security Update: kernel (CVE-2025-21669)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21669 advisory. - In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: discard packets if the...
KB5055596: Windows Server 2008 Security Update (April 2025)
The remote Windows host is missing security update 5055596. It is, therefore, affected by multiple vulnerabilities - Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network. CVE-2025-26687 - A remote code execution vulnerability. An attacker ca...
FreeBSD : chromium -- multiple security fixes (a02a6d94-fe53-11ef-85f3-a8a1599412c6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a02a6d94-fe53-11ef-85f3-a8a1599412c6 advisory. Chrome Releases reports: This update includes 5 security fixes: Tenable has extracted the...
Linux Distros Unpatched Vulnerability : CVE-2023-52682
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to wait on block writeback for postread case If inode is compressed, but not encrypted, it missed to call f2fswaitonblockwriteback to wait for GCed pa...
Linux Distros Unpatched Vulnerability : CVE-2024-41075
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cachefiles: add consistency check for copen/cread This prevents malicious processes from completing random copen/cread requests and crashing the system. Added...
Linux Distros Unpatched Vulnerability : CVE-2023-52821
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/panel: fix a possible null pointer dereference In versatilepanelgetmodes, the return val...