367250 matches found
Curl 8.15.0 < 8.21.0 SASL Double-Free
The version of curl installed on the remote host is 8.15.0 prior to 8.21.0. It is, therefore, affected by a double-free vulnerability: - The curl logic that works with SASL authentication could end up cleaning up the GSASL context twice without clearing the pointer in between, making it free the...
RockyLinux 10 : buildah (RLSA-2026:29195)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:29195 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient...
SUSE SLES15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2026:2638-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2638-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: -...
SUSE SLES12 Security Update : google-guest-agent (SUSE-SU-2026:2581-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2581-1 advisory. - CVE-2026-39827: Update golang.org/x/crypto dependency bsc1266171. - CVE-2026-39828: Update golang.org/x/crypto dependency...
SUSE SLED15: ImageMagick / ImageMagick-config-7-SUSE / etc (SUSE-SU-2026:2580-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2580-1 advisory. This update for ImageMagick fixes the following issues This update for ImageMagick fixes the following issues ...
RockyLinux 9 : buildah (RLSA-2026:29455)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:29455 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient...
Oracle Linux 9 : buildah (ELSA-2026-29455)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-29455 advisory. - Rebuild for CVE-2026-25679 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...
RHEL 10 : kernel (RHSA-2026:30129)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:30129 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: rxrpc: fix RESPONSE...
AlmaLinux 10 : buildah (ALSA-2026:29195)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:29195 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient...
SUSE SLES12 Security Update : containerd (SUSE-SU-2026:2640-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2640-1 advisory. This update for containerd fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation...
SUSE SLED15 / SLES15 Security Update : containerd (SUSE-SU-2026:2639-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2639-1 advisory. This update for containerd fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization...
AlmaLinux 10 : skopeo (ALSA-2026:29035)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:29035 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient...
Oracle Linux 9 : mod_http2 (ELSA-2026-22551)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-22551 advisory. - Resolves: RHEL-182417 - modhttp2: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack CVE-2026-49975 Tenable has extracted the...
Oracle Linux 9 : libcap (ELSA-2026-19346)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-19346 advisory. 2.48-10.1 - Fix TOCTOU race condition in capsetfile CVE-2026-4878 Resolves: RHEL-169312 Tenable has extracted the preceding description block directly from the...
SUSE SLES16: libsolv-demo / libsolv-devel / libsolv-devel-static / libsolv-tools / etc (SUSE-SU-2026:22172-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22172-1 advisory. Changes in zypper: Update to 1.14.98: - Transactional systems: Delegate rw-commands to transactional-wrapper if available...
SUSE SLED15: libsolv-devel / libsolv-tools / libsolv-tools-base / libzypp / etc (SUSE-SU-2026:2575-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2575-1 advisory. This update for libsolv, libzypp, zypper fixes the following issues - CVE-2026-9149: Heap buffer overflow in...
SUSE SLED15: libsolv-devel / libsolv-tools / libsolv-tools-base / libzypp / etc (SUSE-SU-2026:2590-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2590-1 advisory. This update for libsolv, libzypp, zypper fixes the following issues - CVE-2026-9149: Heap buffer overflow in...
SUSE SLES12 Security Update : libzypp (SUSE-SU-2026:2628-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2628-1 advisory. This update for libzypp fixes the following issue - CVE-2026-25707: Handcrafted repo metadata may cause arbitrary local files to be overwritten...
Oracle Linux 9 : fence-agents (ELSA-2026-19355)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19355 advisory. - bundled PyJWT: upgrade to v2.13.0 to fix CVE-2026-48526 Resolves: RHEL-182313 - bundled pyasn1: fix CVE-2026-30922 Resolves: RHEL-157202 - bundled...
SUSE SLES15 Security Update : containerized-data-importer (SUSE-SU-2026:2493-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2493-1 advisory. - Security: re-vendor Go dependencies to address CVEs tracked against containerized-data-importer backport of upstream PR 4110,...