Linux Distros Unpatched Vulnerability : CVE-2024-0048

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Session of AccountManagerService.java, there is a possible method to retain foreground service privileges due to incorrect handling of null responses. This...

Linux Distros Unpatched Vulnerability : CVE-2021-39911

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An improper access control flaw in all versions of GitLab CE/EE starting from 13.9 before 14.2.6, all versions starting from 14.3 before 14.3.4, and all version...

Linux Distros Unpatched Vulnerability : CVE-2024-27076

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: imx: csc/scaler: fix v4l2ctrlhandler memory leak Free the memory allocated in...

Linux Distros Unpatched Vulnerability : CVE-2022-46878

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of the...

Apple iOS < 18.6 Multiple Vulnerabilities (124147)

Binary data appleios186check.nbin...

PHP 8.1.x < 8.1.33 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.33, 8.2.x prior to 8.2.29, 8.3.x prior to 8.3.23, or 8.4.x prior to 8.4.10. It is, therefore, affected by multiple vulnerabilities: - pgsql extension does not check for errors duri...

Grafana 11.3.x < 11.3.7 Improper Access Control

According to its self-reported version, the Grafana install hosted on the remote host is earlier than 10.4.19, or 11.2.x earlier than 11.2.10, or 11.3.x earlier than 11.3.7, or 11.4.x earlier than 11.4.5, or 11.5.x earlier than 11.5.5, or 11.6.x earlier than 11.6.2, or 12.0.x earlier than 12.0.1...

Apache Tomcat 10.1.0-M1 < 10.1.40 Multiple Vulnerabilities

The version of Apache Tomcat installed on the remote host is 9.0.0-M1 prior to 9.0.104, 10.1.0-M1 prior to 10.1.40 or 11.0.0-M1 prior to 11.0.6. It is, therefore, affected by multiple vulnerabilities : - A denial of service via invalid HTTP priority header. CVE-2025-31650 - A rewrite rule bypass...

Fedora 40 : perl / perl-Devel-Cover / perl-PAR-Packer (2025-8445f115f6)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-8445f115f6 advisory. Fix CVE-2024-56406 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Azure Linux 3.0 Security Update: giflib (CVE-2025-31344)

The version of giflib installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-31344 advisory. - Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with...

RockyLinux 9 : bzip2 (RLSA-2025:0925)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:0925 advisory. bzip2: bzip2: Data integrity error when decompressing with data integrity tests fail. CVE-2019-12900 Tenable has extracted the preceding description block directl...

LiteLLM Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible LiteLLM instance on the target application. LiteLLM is a LLM Gateway to provide model access in the OpenAI format. This detection is included in the AI and LLM category. No source data...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-56746)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56746 advisory. - In the Linux kernel, the following vulnerability has been resolved: fbdev: sh7760fb: Fix a possible memory...

Linux Distros Unpatched Vulnerability : CVE-2022-24723

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - URI.js is a Javascript URL mutation library. Before version 1.19.9, whitespace characters are not removed from the beginning of the protocol, so URLs are not...

Linux Distros Unpatched Vulnerability : CVE-2024-38663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix list corruption from resetting io stat Since commit 3b8cc6298724 blk-cgroup:...

Linux Distros Unpatched Vulnerability : CVE-2024-35930

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: lpfc: Fix possible memory leak in lpfcrcvpadisc The call to lpfcsli4resumerpi in lpfcrcvpadisc may return an unsuccessful status. In such cases, the elsio...

Linux Distros Unpatched Vulnerability : CVE-2017-6887

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A boundary error within the parsetiffifd function internal/dcrawcommon.cpp in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e....

Azure Linux 3.0 Security Update: kernel (CVE-2024-46725)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46725 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix out-of-bounds write...

AlmaLinux 8 : kernel-rt (ALSA-2025:1067)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:1067 advisory. kernel: scsi: core: Fix unremoved procfs host directory regression CVE-2024-26935 kernel: arm64/sve: Discard stale CPU state when handling SVE traps...

Fedora 41 : git-lfs (2025-1de066b8af)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-1de066b8af advisory. Update to latest version Fix CVE-2024-53263 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...