2099 matches found
Jenkins ssh-agent Docker Image < 6.11.2 SSH Host Key Reuse
According to their self-reported version numbers, the jenkins/ssh-agent docker containers running on the remote web server are affected by an SSH host key reuse vulnerability. In jenkins/ssh-agent Docker images 6.11.1 and earlier, SSH host keys are generated on image creation for images based on...
Security Updates for Microsoft Exchange Server (August 2025)
The Microsoft Exchange Server installed on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities as referenced in the August, 2025 security bulletin. - Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an...
KB5063880: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (August 2025)
The remote Windows host is missing security update 5063880 or hot patch 5063812. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. CVE-2025-53766 - Missing synchronization in Windows...
Adobe FrameMaker 2020 < 16.0.9 (2020.0.9) / Adobe FrameMaker 2022 < 17.0.7 (2022.0.7) Multiple Vulnerabilities (APSB25-83)
The version of Adobe FrameMaker installed on the remote Windows host is prior to Adobe FrameMaker 2020 16.0.9 / Adobe FrameMaker 2022 17.0.7. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb25-83 advisory. - Use After Free CWE-416 potentially leading to Arbitrary...
Jenkins ssh-slave Docker Image SSH Host Key Reuse
According to their self-reported version numbers, the jenkins/ssh-slave docker containers running on the remote web server are affected by an SSH host key reuse vulnerability. In jenkins/ssh-slave Docker images, SSH host keys are generated on image creation for images based on Debian, causing all...
Linux Distros Unpatched Vulnerability : CVE-2022-50186
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ath11k: fix missing skb drop on htctxcompletion error On htctxcompletion error the skb is no...
Linux Distros Unpatched Vulnerability : CVE-2022-50187
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ath11k: fix netdev open race Make sure to allocate resources needed before registering the...
Linux Distros Unpatched Vulnerability : CVE-2023-52769
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix htt mlo-offset event locking The ath12k active pdevs are protected by RCU...
Linux Distros Unpatched Vulnerability : CVE-2022-48958
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ethernet: aeroflex: fix potential skb leak in grethinitrings The grethinitrings function won't free the newly allocated skb when dmamappingerror returns error, ...
Linux Distros Unpatched Vulnerability : CVE-2024-38572
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix out-of-bound access of qmiinvokehandler Currently, there is no terminator...
Fedora 42 : incus (2025-2edb6773ed)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-2edb6773ed advisory. New release of Incus. Release information: https://github.com/lxc/incus/releases/tag/v6.15.0 Tenable has extracted the preceding description block...
Linux Distros Unpatched Vulnerability : CVE-2025-23129
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath11k: Clear affinity hint before calling ath11kpcicfreeirq in error path If a shared IRQ is used by the driver due to platform limitation, then the IRQ...
Fedora 41 : incus (2025-83aa12829d)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-83aa12829d advisory. New release of Incus. Release information: https://github.com/lxc/incus/releases/tag/v6.15.0 Tenable has extracted the preceding description block...
Oracle Linux 10 : libxml2 (ELSA-2025-13429)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-13429 advisory. - Fix CVE-2025-32415 RHEL-100174 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
BeyondTrust Privilege Management for Windows < 25.4.270.0 Multiple Vulnerabilities (BT25-05) (BTS25-06)
The version of BeyondTrust Privilege Management for Windows installed on the remote host is prior to 25.4.270.0. It is, therefore, affected by multiple vulnerabilities as referenced in the BT25-05 and BT25-06 advisories: - Prior to version 25.4.270.0, a local authenticated attacker can manipulate...
Fedora 42 : yarnpkg (2025-cf39a93e95)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-cf39a93e95 advisory. Apply fixes for CVE-2025-8262 and CVE-2025-7783. Tenable has extracted the preceding description block directly from the Fedora security advisory...
📄 Hecate PC Remote Control 1.6.1.0 Remote Code Execution
Hecate PC Remote Control version 1.6.1.0 listens on UDP port 48436 and accepts unauthenticated JSON commands for keyboard and mouse input. This lack of authentication allows a remote attacker to simulate user interaction, open system dialogs, and execute arbitrary commands. Exploit Title: Hecate ...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Forcing the SMM mode to remain active during SHUTDOWN interception Previously, the commit ed129ec9057f “KVM: x86: forcing the nested mode to remain active during vCPU reset” addressed an issue where a triple fault...
Oracle Linux 9 : nodejs:22 (ELSA-2025-8467)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8467 advisory. nodejs 1:22.16.0-1 - Update to 22.16.0 Resolves: RHEL-89600 RHEL-92872 RHEL-92420 Tenable has extracted the preceding description block directly from the Oracle...
CVE-2025-40630
Open redirection vulnerability in IceWarp Mail Server affecting version 11.4.0. This vulnerability allows an attacker to redirect a user to any domain by sending a malicious URL to the victim, for example “ https://icewarp.domain.com///%2e%2e” https://icewarp.domain.com///%2e%2e” . This...