367222 matches found
RHEL 8 : libpng (RHSA-2026:29901)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:29901 advisory. The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes:...
SUSE SLES12: libblkid-devel / libblkid1 / libblkid1-32bit / libfdisk1 / etc (SUSE-SU-2026:2492-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:2492-1 advisory. This update for util-linux fixes the following issue - CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606. Tenable has...
AlmaLinux 9 : opencryptoki (ALSA-2026:28256)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:28256 advisory. openCryptoki: openCryptoki: Information disclosure and Denial of Service via malformed BER-encoded cryptographic objects CVE-2026-40253 Tenable has extracted the...
The vulnerability of the `ntfs_init_from_boot()` function in the `fs/ntfs3/super.c` module of the Linux kernel allows a hacker to induce a service failure.
The vulnerability of the ntfsinitfromboot function in the fs/ntfs3/super.c module of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a system failure...
SUSE SLES15: libopenvswitch-3_1-0 / libovn-23_03-0 / openvswitch3 / etc (SUSE-SU-2026:2476-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2476-1 advisory. This update for openvswitch3 fixes the following issues - CVE-2026-5265: heap over-read in ICMP error response generation bsc126249...
Oracle Linux 9 : libpng (ELSA-2026-28255)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-28255 advisory. - fix CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE RHEL-161448 Tenable has extracted the preceding description blo...
RHEL 8 : libpng (RHSA-2026:29902)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:29902 advisory. The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes:...
SUSE SLES16 Security Update : perl-HTML-Parser (SUSE-SU-2026:22189-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:22189-1 advisory. This update for perl-HTML-Parser fixes the following issue - CVE-2026-8829: HTML:Entities versions before 3.84 for Perl read freed heap...
SUSE SLES15 Security Update : podman (SUSE-SU-2026:2597-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2597-1 advisory. This update for podman rebuilds it against the current go security release. Tenable has extracted the preceding description block directly...
Oracle Linux 9 : golang (ELSA-2026-29981)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-29981 advisory. 1.26.4-1.0.1 - EXPERIMENTAL: Introduce fipsnoenforceems GODEBUG var 1.26.4-1 - Update to Go 1.26.4 fips-1 - Resolves: RHEL-183349 Tenable has extracted the...
Ubuntu 24.04 LTS / 25.10 : AMD Microcode vulnerabilities (USN-8475-1)
The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8475-1 advisory. Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Kpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an...
SUSE SLED15 / SLES15 Security Update : libinput (SUSE-SU-2026:2524-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2524-1 advisory. This update for libinput fixes the following issues - CVE-2026-50265,CVE-2026-50292: crafted uinput devices ca...
AlmaLinux 8 : libpng (ALSA-2026:29898)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:29898 advisory. libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 Tenable has extracted the preceding description block directly from th...
PT-2026-53001
Summary The global policy read endpoint GET /api/latest/fleet/policies/policy id performs authorization against an empty fleet.Policy struct with nil TeamID, then fetches any policy by ID from the database without verifying the fetched policy actually belongs to the global scope. This allows a us...
SUSE SLES12 Security Update : libpng15 (SUSE-SU-2026:2619-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:2619-1 advisory. This update for libpng15 fixes the following issues Security issues: - CVE-2025-64720: buffer overflow in pngimagereadcomposite via incorrect palette...
SUSE SLED15: libsqlite3-0 / libsqlite3-0-32bit / sqlite3 / sqlite3-devel / etc (SUSE-SU-2026:2528-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2528-1 advisory. This update for sqlite3 fixes the following issues Update to 3.53.2: - CVE-2026-11822: memory corruption...
SUSE SLES15 Security Update : libarchive (SUSE-SU-2026:2599-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2599-1 advisory. This update for libarchive fixes the following issues - CVE-2025-60753: bsdtar hangs and OOMs with zero-length pattern matches...
Oracle Linux 8 : libpng (ELSA-2026-29898)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-29898 advisory. 2:1.6.37-11 - fix CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE RHEL-161344 Tenable has extracted the preceding description...
SUSE SLES16: tomcat10 / tomcat10-admin-webapps / tomcat10-doc / etc (SUSE-SU-2026:22197-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22197-1 advisory. This update for tomcat10 fixes the following issues Update to Tomcat 10.1.55: - CVE-2026-41284: Unbounded read in WebDAV LOCK and...
ROS-20260626-73-0023
The vulnerability of the kdc/dotgsreq.c component of the Kerberos authentication protocol is related to pointer arithmetic errors. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...