Notepad++ < 8.9.6.1 Multiple Vulnerabilities

The version of Notepad++ installed on the remote host is prior to 8.9.6.1. It is, therefore, affected by multiple vulnerabilities: - A crash caused by any malformed structure that could allow an attacker to cause a denial of service condition. CVE-2026-48770 - An arbitrary code execution...

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017513)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017513 advisory. A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined...

RHCOS 4 : OpenShift Container Platform 4.15.z (RHSA-2023:7200)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7200 advisory. - golang: net/http, x/net/http2: rapid stream resets can cause excessive work CVE-2023-44487 CVE-2023-39325 - golang:...

Fedora 42 : mingw-LibRaw (2026-826db1b5c0)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-826db1b5c0 advisory. Backport patch for CVE-2026-20884. ---- Backport fixes for CVE-2026-20889 CVE-2026-21413 CVE-2026-24450 CVE-2026-24660 ---- Update to libraw-0.21.5...

Mozilla Thunderbird < 140.8

The version of Thunderbird installed on the remote Windows host is prior to 140.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-17 advisory. - Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and...

ISC BIND 9.11.3-S1 < 9.18.38-S1 / 9.18.11-S1 < 9.18.38-S1 / 9.20.9-S1 < 9.20.11-S1 Vulnerability (cve-2025-40776)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2025-40776 advisory. - A named caching resolver that is configured to send ECS EDNS Client Subnet options may be vulnerable to a cache-poisoning...

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2025-58060)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-58060 advisory. - OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004352)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004352 advisory. In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional...

Fedora 42 : firefox (2026-0136a5ab4e)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0136a5ab4e advisory. - New upstream release 147.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...

Fedora 43 : libpcap (2026-274010c760)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-274010c760 advisory. New version 1.10.6 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

Fedora 42 : timg (2025-f0df882417)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-f0df882417 advisory. Rebuilt with latest patched stbimage: memory-safety fixes Tenable has extracted the preceding description block directly from the Fedora security advisory...

Fedora 42 : kubernetes1.31 (2025-4a1370ea1b)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-4a1370ea1b advisory. - Update to release v1.31.14 - Resolves: rhbz2398586, rhbz2398847, rhbz2399248, rhbz2399521 - Resolves: rhbz2399702, rhbz2399720, rhbz2407787,...

Atlassian Jira 9.12.x < 9.12.28 Path Traversal

According to its self-reported version number, the Atlassian Jira application running on the remote host is 9.12.x prior to 9.12.28, 10.3.x prior to 10.3.12 or 11.x prior to 11.1.0. It is, therefore, affected by a path traversal vulnerability. Note that the scanner has not tested for these issues...

Security Updates for Microsoft Word Products C2R (October 2025)

The Microsoft Word Products are missing security updates. It is, therefore, affected by multiple remote code execution vulnerabilities that attackers can exploit to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for these issues but has instead...

Security Updates for Microsoft Office Products C2R (October 2025)

The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - Remote code execution vulnerabilities that attackers can exploit to bypass authentication and execute unauthorized arbitrary commands. CVE-2025-59227, CVE-2025-59234 - A denial of...

FreeBSD : Mozilla -- Memory safety bugs (7b9a8247-ab7b-11f0-b961-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7b9a8247-ab7b-11f0-b961-b42e991fc52e advisory. [email protected] reports: Some of these bugs showed evidence of memory corruption and we presume th...

Mozilla Firefox ESR < 115.28

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.28. It is, therefore, affected by a vulnerability as referenced in the mfsa2025-74 advisory. - Integer overflow in the SVG component. This vulnerability affects Firefox 143, Firefox ESR 115.28, Firefox ESR...

Fedora 41 : loupe (2025-458d5882a1)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-458d5882a1 advisory. Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160. Tenable has extracted the preceding description block directly from the Fedora security advisory...

SUSE SLES15 Security Update : python311 (SUSE-SU-2025:02984-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02984-1 advisory. - CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249. Tenable has extracted the preceding...

Fedora 42 : glab (2025-b597c89f32)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-b597c89f32 advisory. Update to 1.67.0 ---- Update to 1.66.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...