9555 matches found
Electerm 参数注入漏洞
Electerm is a SSH/SFTP client developed by ZXDong262 from China, based on Electron. Versions of Electerm 3.8.15 and earlier have a parameter injection vulnerability. This vulnerability arises from the fact that the terminal hyperlink processor does not validate URLs with respect to protocols. Thi...
PHP 8.2.x < 8.2.31 Multiple Vulnerabilities
The version of PHP installed on the remote host is prior to 8.2.31. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.2.31 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number...
Fedora 43 : squid (2026-e6a4814a4d)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-e6a4814a4d advisory. - new version 7.5 - security update Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Ness...
RHCOS 2 : openshift-origin-broker (RHSA-2014:0423)
The remote Red Hat Enterprise Linux CoreOS 2 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0423 advisory. - OpenShift: openshift-origin-broker plugin allows impersonation CVE-2014-0188 Note that Nessus has not tested for this issue but has instead...
RHCOS 3 : OpenShift Container Platform 3.2 (RHSA-2018:1241)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1241 advisory. - source-to-image: Improper path sanitization in ExtractTarStreamFromTarReader in tar/tar.go CVE-2018-1102 Note that Nessus has not tested fo...
RHCOS 4 : OpenShift Container Platform 4.17.15 (RHSA-2025:0878)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0878 advisory. - podman: buildah: Container breakout by using --jobs=2 and a race condition when building a malicious Containerfile CVE-2024-11218 Note that...
RHCOS 4 : Red Hat build of MicroShift 4.15.12 (RHSA-2024:2667)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2667 advisory. - golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 Note that Nessus has not tested for this...
RHCOS 3 : OpenShift Container Platform 3.10 (RHSA-2018:3549)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3549 advisory. - kubernetes: authentication/authorization bypass in the handling of non-101 responses CVE-2018-1002105 Note that Nessus has not tested for...
RHCOS 4 : OpenShift Container Platform 4.14.63 (RHSA-2026:5086)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5086 advisory. - golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Note that Nessus has not tested for this issue but has...
Fedora 44 : erlang (2026-2a93359b0b)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2a93359b0b advisory. Erlang ver. 26.2.5.19 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2026-32316)
The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-32316 advisory. - jq is a command-line JSON processor. An integer overflow vulnerability exists through version...
Photon OS 5.0: Expat PHSA-2026-5.0-0830
An update of the expat package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0830. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
AlmaLinux 9 : webkit2gtk3 (ALSA-2026:9692)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:9692 advisory. webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43213 webkitgtk: Processing maliciously crafted web...
CIQ Extended Support
A CIQ package update service provides extended support and/or OS hardening for the remote host. %NASLMINLEVEL 80900 C Tenable Network Security, Inc. include"compat.inc"; if description scriptid307904; scriptversion"1.1"; scriptsetattributeattribute:"pluginmodificationdate", value:"2026/04/21";...
Photon OS 5.0: Jq PHSA-2026-5.0-0827
An update of the jq package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0827. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid307869...
Photon OS 4.0: Linux PHSA-2026-4.0-0998
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-0998. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
MAL-2026-2908 Malicious code in pretty-logger-js (npm)
pretty-logger-js is a malicious npm package that when imported downloads and executes a C2 dropper from https://www.jsonkeeper.com/b/OTOAQ. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29e46da449e6d21efcef5e9975a2f8e90c31369882800ed4c560ae47ade99b53 The packa...
Debian: Security Advisory (DSA-6212-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2026-c803743b67)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2026-e0c31e9e7e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...