989 matches found
[SECURITY] Fedora 44 Update: skopeo-1.22.2-1.fc44
Command line utility to inspect images and repositories directly on Docker registries without the need to pull them...
[SECURITY] Fedora 44 Update: python-biopython-1.87-1.fc44
A set of freely available Python tools for computational molecular biology...
Fedora 44 : xorg-x11-server (2026-cf9e55a7a0)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-cf9e55a7a0 advisory. Update to xserver 21.1.22, CVE fix for: CVE-2026-33999, CVE-2026-34000, CVE-2026-34001, CVE-2026-34002, CVE-2026-34003 Tenable has extracted the...
PT-2026-37172
Name of the Vulnerable Software and Affected Versions Russh versions prior to 0.60.1 Description A pre-authentication denial-of-service issue exists in the server's keyboard-interactive authentication handler. A malicious client can crash any server based on this library that implements...
CVE-2026-31014
Dovestones Softwares AD Self Update 4.0.0.5 is vulnerable to Cross Site Request Forgery CSRF. The affected endpoint processes state-changing requests without requiring a CSRF token or equivalent protection. The endpoint accepts application/x-www-form-urlencoded requests, and an originally...
Fedora 43 : xorg-x11-server-Xwayland (2026-beff97a194)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-beff97a194 advisory. Update to xwayland 24.1.10, CVE fix for: CVE-2026-33999, CVE-2026-34000, CVE-2026-34001, CVE-2026-34002, CVE-2026-34003 Tenable has extracted the...
Security Updates for Windows Defender (April 2026)
The Antimalware Platform version of Microsoft Windows Defender installed on the remote Windows host is prior to 4.18.26030.3011. It is, therefore, affected by a privilege escalation vulnerability: - Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to...
Fedora 43 : webkitgtk (2026-431948187d)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-431948187d advisory. Update to 2.52.1. Notable changes from 2.50 to 2.52: Make text look like in other browsers by blending in linear color space. Improved rendering...
Fedora 43 : flatpak (2026-5286084b44)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-5286084b44 advisory. Update to 1.16.6 Fixes for CVE-2026-34078, CVE-2026-34079, GHSA-2fxp-43j9-pwvc and GHSA-89xm-3m96-w3jg Tenable has extracted the preceding descripti...
Aiven Operator has cross-namespace secret exfiltration via ClickhouseUser connInfoSecretSource
Impact A developer with create permission on ClickhouseUser CRDs in their own namespace can exfiltrate secrets from any other namespace — production database credentials, API keys, service tokens — with a single kubectl apply. The operator reads the victim's secret using its ClusterRole and write...
PT-2026-33203
Name of the Vulnerable Software and Affected Versions Scribunto versions 1.45.0 through 1.45.1 Description A security issue exists in the Wikimedia Foundation Scribunto software. Recommendations Update to version 1.45.2...
Joomla! Access Control Vulnerability (20260301)
Joomla! is prone to an access control vulnerability. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Fedora 43 : mingw-expat (2026-e70c1919fe)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e70c1919fe advisory. Update to 2.7.5. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
PT-2026-28448
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.11 Description The software contains a session sandbox escape issue within the session status tool. This allows sandboxed subagents to access session state belonging to parent or sibling sessions. An attacker...
CVE-2026-33875
Gematik Authenticator securely authenticates users for login to digital health applications. Versions prior to 4.16.0 are vulnerable to authentication flow hijacking, potentially allowing attackers to authenticate with the identities of victim users who click on a malicious deep link. Update...
Security Bulletin: IBM Maximo Application Suite - Predict Component was using vulnerable library flask-3.1.2 which is vulnerable to CVE-2026-27205
Summary IBM Maximo Application Suite - Predict Component was using vulnerable library flask-3.1.2-py3-none-any.whl which is vulnerable to CVE-2026-27205. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-27205 DESCRIPTION: Flask is a web server...
PT-2026-28548
Name of the Vulnerable Software and Affected Versions Windmill versions prior to 1.664.0 Description Windmill, a developer platform for internal code including APIs, background jobs, workflows, and UIs, is affected by a code injection issue. Workspace environment variable values are interpolated...
PT-2026-28618
Name of the Vulnerable Software and Affected Versions TigerVNC versions prior to 1.16.2 Description The software contains a flaw in the Image.cxx file within the x0vncserver component. Incorrect permissions allow other users to potentially observe or manipulate the screen content, or cause the...
PT-2026-28574
Name of the Vulnerable Software and Affected Versions Happy DOM versions 15.10.0 through 20.8.7 Description Happy DOM is a JavaScript implementation of a web browser without its graphical user interface. Versions 15.10.0 through 20.8.7 contain a code injection issue in the ECMAScriptModuleCompile...
Fedora 44 : containernetworking-plugins (2026-d6b4b4df31)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-d6b4b4df31 advisory. - Update to release v1.9.1 - Resolves: rhbz2448053, rhbz2423997, rhbz2424031 - Upstream fixes Tenable has extracted the preceding description block...