163 matches found
CVE-2025-37818 affecting package kernel for versions less than 6.6.92.2-1
CVE-2025-37818 affecting package kernel for versions less than 6.6.92.2-1. An upgraded version of the package is available that resolves this issue...
EulerOS 2.0 SP13 : golang (EulerOS-SA-2025-1687)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate...
Oracle Linux 9 : weldr-client (ELSA-2025-9635)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9635 advisory. 35.12-4 - Bump release for y-stream AND z-stream building using centpkg build --rhel-target=zstream Related: RHEL-89344 35.12-3 - tests: OSTree does not support...
CVE-2019-17050
An issue was discovered in the Voyager package through 1.2.7 for Laravel. An attacker with admin privileges and Compass access can read or delete arbitrary files, such as the .env file. NOTE: a software maintainer has suggested a solution in which Compass is switched off in a production environme...
Alibaba Cloud Linux 3 : 0103: python-pip (ALINUX3-SA-2022:0103)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0103 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2018-18074: The Requests package befor...
Fedora 40 : perl-Compress-Raw-Lzma / xz (2025-4871b31998)
The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-4871b31998 advisory. xz 5.8.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue but...
20 module bug fix and enhancement update
An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...
RockyLinux 8 : tuned (RLSA-2024:11161)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:11161 advisory. tuned: improper sanitization of instancename parameter of the instancecreate method CVE-2024-52337 Tenable has extracted the preceding description block directly...
SUSE: Security Advisory (SUSE-SU-2025:1135-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2025:1101-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Malicious code in bifinance-main (npm)
--- -= Per source details. Do not edit below this line.=-...
AZL-59186 CVE-2025-30204 affecting package nmi 1.8.17-6
golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request whose...
Linux Distros Unpatched Vulnerability : CVE-2024-49960
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4fillsuper The deltimersync function cancels the serrreport timer, which...
Linux Distros Unpatched Vulnerability : CVE-2022-49698
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: use getrandomu32 instead of prandom bh might occur while updating per-cpu rndstat...
Linux Distros Unpatched Vulnerability : CVE-2021-3521
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a binding signature. RPM does not check the binding...
Linux Distros Unpatched Vulnerability : CVE-2023-37174
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the dumpisomscene function at /mp4box/filedump.c. CVE-2023-37174 No...
Linux Distros Unpatched Vulnerability : CVE-2023-46930
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gfisomfindodidfortrack /afltest/gpac/src/isomedia/mediaodf.c:522:14. CVE-2023-46930 Note...
Linux Distros Unpatched Vulnerability : CVE-2022-24713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caus...
Linux Distros Unpatched Vulnerability : CVE-2023-52795
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: vhost-vdpa: fix use after free in vhostvdpaprobe The putdevice calls vhostvdpareleasedev whi...
Linux Distros Unpatched Vulnerability : CVE-2024-45006
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration re-enumerating...