Linux Distros Unpatched Vulnerability : CVE-2026-40528

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the dokeyvalue function in src/pkcs15init/profile.c tha...

Photon OS 5.0: Linux PHSA-2026-5.0-0882

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0882. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

SUSE SLES16 Security Update : opensc (SUSE-SU-2026:22126-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22126-1 advisory. - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input...

Linux Distros Unpatched Vulnerability : CVE-2026-46873

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: VMSVGA device. The supported version that is affected is 7.2.8. Difficult ...

Debian dla-4635 : firefox-esr - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4635 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4635-1 [email protected]...

SUSE SLED15 / SLES15 Security Update : LibVNCServer (SUSE-SU-2026:2427-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2427-1 advisory. - CVE-2026-44988: Fixed missing validation of rectangle width in tight gradient decoding can lead to server-triggered...

Linux Distros Unpatched Vulnerability : CVE-2026-53489

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux - Unknown description CVE-2026-53489 Note that Nessus relies on the presence of the package as reported by the vendor. C Tenable, Inc...

Linux Distros Unpatched Vulnerability : CVE-2026-40510

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in pivprocesshistory in src/libopensc/card-piv.c that allows...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : pbkdf2 vulnerability (USN-8452-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8452-1 advisory. Nikita Skovoroda discovered that pbkdf2 did not properly validate certain algorithm names. An attacker could possibly use this...

RockyLinux 8 : 389-ds:1.4 (RLSA-2026:26459)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:26459 advisory. 389-ds-base: 389-ds-base: unbounded LDAP controls count in getldapmessagecontrolsext causes CPU and heap amplification remote DoS CVE-2026-9064 Tenable has...

MiracleLinux 8 : hplip-3.18.4-13.el8_10.ML.1 (AXSA:2026-798:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-798:01 advisory. HPLIP: HPLIP: Privilege escalation and arbitrary code execution via operating system command injection CVE-2026-8632 HPLIP: HPLIP: Arbitrary code...

Linux Distros Unpatched Vulnerability : CVE-2026-35275

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Shared Folders. The supported version that is affected is 7.2.8. Difficult...

Photon OS 5.0: Util PHSA-2026-5.0-0885

An update of the util package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0885. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Fedora 44 : util-linux (2026-c70cb96ff1)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c70cb96ff1 advisory. upstream upgrade with security fixes: - CVE-2026-53612 - libmount: TOCTOU attack via ancestor directory swap during mount - CVE-2026-53613 - libmoun...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : libheif vulnerabilities (USN-8454-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8454-1 advisory. Elhanan Haenel discovered that libheif incorrectly handled certain malformed HEIF sequence files...

Photon OS 5.0: Dotnet PHSA-2026-5.0-0884

An update of the dotnet package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0884. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

SUSE SLES12 Security Update : qemu (SUSE-SU-2026:2406-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2406-1 advisory. - CVE-2023-1544: pvrdma: out-of-bounds read in pvrdmaringnextelemread bsc1209554. - CVE-2025-11234: qemu-kvm: use-after-free in websocket...

Linux Distros Unpatched Vulnerability : CVE-2026-46580

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Theia versions prior to 1.71.0, files matching the pattern .prompts/.prompttemplate in a workspace were automatically loaded and could override or...

Linux Distros Unpatched Vulnerability : CVE-2026-8461

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be...

RHEL 10 : dracut (RHSA-2026:26532)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26532 advisory. The dracut packages contain an event-driven initial RAM file system initramfs generator infrastructure based on the udev device manager. The virtua...