6685 matches found
PT-2026-36989
Name of the Vulnerable Software and Affected Versions phpVMS versions 7.x through 7.0.5 Description A critical issue in the legacy importer component allows unauthenticated access to a deprecated import feature. A remote attacker can trigger internal processes to modify or delete application data...
RHCOS 4 : OpenShift Container Platform 4.15.11 (RHSA-2024:2071)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2071 advisory. - jose-go: improper handling of highly compressed data CVE-2024-28180 Note that Nessus has not tested for this issue but has instead relied...
RHCOS 4 : OpenShift Container Platform 4.17.16 (RHSA-2025:1122)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:1122 advisory. - cri-o: CRI-O Path Traversal in Log Handling Functions Allows Arbitrary Unmounting CVE-2025-0750 Note that Nessus has not tested for this...
RHCOS 6 : haproxy (RHSA-2013:0729)
The remote Red Hat Enterprise Linux CoreOS 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2013:0729 advisory. - haproxy: rewrite rules flaw can lead to arbitrary code execution CVE-2013-1912 Note that Nessus has not tested for this issue but has inste...
PT-2026-36729
Name of the Vulnerable Software and Affected Versions MindsDB versions prior to 26.01 Description A remote deserialization issue exists in the Pickle Handler component. The flaw occurs within the pickle.loads function, allowing an attacker to execute a manipulation that leads to insecure...
Fedora 43 : python3.14 (2026-97a8eb204a)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-97a8eb204a advisory. Security fixes for CVE-2026-1502, CVE-2026-4786, CVE-2026-5713, CVE-2026-6100 Tenable has extracted the preceding description block directly from th...
AlmaLinux 8 : ALSA-2026:A001kernel (ALSA-2026:A001)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:A001 advisory. kernel: crypto: algifaead - Revert to operating out-of-place CVE-2026-31431 Tenable has extracted the preceding description block directly from the AlmaLinux...
Fedora 42 : openssh (2026-d08c298940)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d08c298940 advisory. Fixes high severity CVE: - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode Tenable has extracted the...
Security Bulletin: IBM Maximo Application Suite - Monitor Component uses axios-1.12.2.tgz, axios-1.13.1.tgz, axios-1.13.2.tgz which is vulnerable to CVE-2026-25639.
Summary IBM Maximo Application Suite - Monitor Component uses axios-1.12.2.tgz, axios-1.13.1.tgz, axios-1.13.2.tgz which is vulnerable to CVE-2026-25639. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-25639 DESCRIPTION: Axios is a promise bas...
PT-2026-36506
Name of the Vulnerable Software and Affected Versions AGL app-framework-main versions 17.1.12 and earlier Description A Zip Slip path traversal issue combined with a Time-of-Check to Time-of-Use TOCTOU race condition exists in the widget installation flow. The is valid filename function in...
Fedora 44 : pyp2spec (2026-4a8ed954a6)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-4a8ed954a6 advisory. Added sanitization of inputs of the metadata fields. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
Fedora 43 : rust-rustls-webpki (2026-bea616fc84)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bea616fc84 advisory. Update to version 0.103.13. Addresses RUSTSEC-2026-0098, RUSTSEC-2026-0099, RUSTSEC-2026-0104. Tenable has extracted the preceding description block directly...
Fedora 44 : dotnet10.0 (2026-fc2112cdd4)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fc2112cdd4 advisory. Update to .NET SDK 10.0.106 and Runtime 10.0.6 Fixes: CVE-2026-26171, CVE-2026-32178, CVE-2026-32203, CVE-2026-33116 Release Notes: - SDK:...
Fedora 43 : pyp2spec (2026-1f68c09a18)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-1f68c09a18 advisory. Added sanitization of inputs of the metadata fields. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
PT-2026-36083
Name of the Vulnerable Software and Affected Versions ASR Kestrel versions prior to 2026/02/10 Description An out-of-bounds read issue in the nr fw modules allows overflow buffers. This flaw is associated with the program file Code/Nr/nr fw/RA/src/NrPwrCtrl.C. Recommendations Update ASR Kestrel t...
Fedora 43 : binaryen (2026-fb3e461878)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-fb3e461878 advisory. Fixes CVE-2025-14956 . Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
AlmaLinux 10 : sudo (ALSA-2026:10758)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:10758 advisory. sudo: Sudo: Privilege escalation due to failure in privilege drop calls CVE-2026-35535 Tenable has extracted the preceding description block directly from the...
RockyLinux 8 : vim (RLSA-2026:11509)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:11509 advisory. vim: arbitrary command execution via modeline sandbox bypass CVE-2026-34982 Tenable has extracted the preceding description block directly from the RockyLinux...
Oracle Linux 10 : grafana-pcp (ELSA-2026-11881)
The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-11881 advisory. - Resolves RHEL-166433: CVE-2026-32282 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...
PT-2026-36106
Name of the Vulnerable Software and Affected Versions Admidio versions prior to 5.0.9 Description The SAML Identity Provider implementation fails to properly handle the return value of the validateSignature function. This function returns error strings upon failure instead of throwing exceptions,...