MiracleLinux 9 : php:8.2 (AXSA:2026-118:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-118:01 advisory. php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML...

MiracleLinux 8 : kernel-4.18.0-372.9.1.el8 (AXSA:2022-3558:10)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3558:10 advisory. kernel: fget: check that the fd still exists after getting a ref to it CVE-2021-4083 kernel: avoid cyclic entity chains due to malformed USB...

MiracleLinux 9 : skopeo-1.16.1-2.el9_5 (AXSA:2024-9497:07)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9497:07 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156...

GLSA-202511-02 : WebKitGTK+: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202511-02 WebKitGTK+: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block...

F5 Networks BIG-IP : BIG-IP AFM DoS protection profile vulnerability (K000152341)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.8 / 17.1.3 / 17.5.1. It is, therefore, affected by a vulnerability as referenced in the K000152341 advisory. When a BIG-IP AFM denial-of-service DoS protection profile is configured on a virtual server, undisclosed...

GLSA-202509-04 : glibc: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202509-04 glibc: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from...

Fedora 42 : libarchive (2025-47e73aaaea)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-47e73aaaea advisory. Rebase due to a lot of CVE fixes Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Oracle Linux 10 : libarchive (ELSA-2025-14137)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-14137 advisory. 3.7.7-4 - Resolves: CVE-2025-5914 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

SUSE SLES15 Security Update : podman (SUSE-SU-2025:02806-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02806-1 advisory. - CVE-2025-6032: Fixed machine init command failing to verify TLS certificate bsc1245320 Tenable has extracted the preceding description...

Curl < 8.12.0 Double Close (CVE-2025-0665)

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 8090...

GitLab 17.0 < 17.0.4 / 17.1 < 17.1.2 (CVE-2024-5257)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.0.4 and from 17.1 prior to 17.1.2 where a Developer user with admincomplianceframework custom role may hav...

GitLab 15.11 < 16.9.7 / 16.10 < 16.10.5 / 16.11 < 16.11.2 (CVE-2024-2454)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.11 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. The pins endpoi...

GLSA-202401-34 : Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202401-34 Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Chromium and its derivatives. Please review the CVE identifiers referenced below for details. Tenable has...

Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-6532-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6532-1 advisory. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker...

Oracle Business Intelligence Enterprise Edition (OAS 7.0) (October 2023 CPU)

The version of Oracle Business Intelligence Enterprise Edition OAS 7.0.0.0 installed on the remote host is affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product o...

Node.js 16.x < 16.20.2 / 18.x < 18.17.1 / 20.x < 20.5.1 Multiple Vulnerabilities (Wednesday August 09 2023 Security Releases).

The version of Node.js installed on the remote host is prior to 16.20.2, 18.17.1, 20.5.1. It is, therefore, affected by multiple vulnerabilities as referenced in the Wednesday August 09 2023 Security Releases advisory: - Permissions policies can be bypassed via Module.load CVE-2023-32002 -...

EulerOS 2.0 SP10 : httpd (EulerOS-SA-2022-1790)

According to the versions of the httpd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP...

MS12-044: Cumulative Security Update for Internet Explorer (2719177)

The remote host is missing Internet Explorer IE Security Update 2719177. The installed version of IE is affected by vulnerabilities that could allow an attacker to execute arbitrary code on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid59907;...

Mandriva Update for squirrelmail MDVSA-2011:123 (squirrelmail)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

GLSA-200408-21 : Cacti: SQL injection vulnerability

The remote host is affected by the vulnerability described in GLSA-200408-21 Cacti: SQL injection vulnerability Cacti is vulnerable to a SQL injection attack where an attacker may inject SQL into the Username field. Impact : An attacker could compromise the Cacti service and potentially execute...