WordPress Symposium <=15.8.1 - Cross-Site Scripting

WordPress Symposium through 15.8.1 contains a reflected cross-site scripting vulnerability via the wp-content/plugins/wp-symposium/getalbumitem.php?size parameter which allows an attacker to steal cookie-based authentication credentials and launch other attacks. id: CVE-2015-9414 info: name:...

Apache HTTP Server - Remote Code Execution

Apache HTTP Server 2.4.32 to 2.4.44 contains an info disclosure and possible remote code execution caused by a vulnerability in modproxyuwsgi, letting remote attackers access sensitive information and potentially execute arbitrary code, exploit requires sending crafted requests. id: CVE-2020-1198...

ROOT-OS-UBUNTU-2204-CVE-2025-38708 CVE-2025-38708 in rootio-linux - Patched by Root

Root has patched CVE-2025-38708 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

Important: Red Hat Security Advisory: gimp security update

An update for gimp is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

CVE-2026-43984 Tautulli has stored XSS in logFile via guest-controlled log_js_errors input

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose logjserrors to any authenticated user, including guest users when guest access is enabled. The endpoint writes attacker-controlled strings directly into the main application log. The...

Chromium: CVE-2026-9972 Uninitialized Use in Gamepad

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

SUSE SLED15 / SLES15 Security Update : docker (SUSE-SU-2026:2033-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2033-1 advisory. This update for docker rebuilds it against the current go security release. Tenable has extracted the preceding...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-8254-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8254-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

TencentOS Server 4: kernel (TSSA-2026:0287)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0287 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 2: squid (TSSA-2026:0280)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0280 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

Oracle Linux 10 : image-builder (ELSA-2026-13642)

The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-13642 advisory. 45-1.0.4 - Rebuilt to fix CVE-2026-25679, CVE-2026-27137 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...

Fedora 44 : rauc (2026-17dbeca425)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-17dbeca425 advisory. version bumped from 1.15.1 to 1.15.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...

RHSA-2026:10711 Red Hat Security Advisory: python3.12 security update

Bulletin has no description...

Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2026-9686)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9686 advisory. 1:17.0.19.0.10-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.19.0.10-1 - Update to jdk-17.0.19+10 GA - Add to .gitignore...

CVE-2026-23431

In the Linux kernel, the following vulnerability has been resolved: spi: amlogic-spisg: Fix memory leak in amlspisgprobe In amlspisgprobe, ctlr is allocated by spialloctarget/spiallochost, but fails to call spicontrollerput in several error paths. This leads to a memory leak whenever the driver...

RHSA-2026:6469 Red Hat Security Advisory: libpng15 security update

Bulletin has no description...

Fedora 42 : containernetworking-plugins (2026-7ed700921c)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-7ed700921c advisory. Update to release v1.9.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

USN-8059-9 linux-azure-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; CVE-2025-22037, CVE-2025-37899...

PT-2026-27122

Name of the Vulnerable Software and Affected Versions NetScaler ADC affected versions not specified NetScaler Gateway affected versions not specified NetScaler Gateway version 14.1-66.54 Description A race condition occurs in NetScaler ADC and NetScaler Gateway when the appliance is configured as...

ruby4.0-rubygem-rack-3.1.18-1.3 on GA media (moderate)

ruby4.0-rubygem-rack-3.1.18-1.3 on GA media Announcement ID: openSUSE-SU-2026:10358-1 Rating: moderate Cross-References: CVE-2013-0262 CVE-2013-0263 CVE-2015-3225 CVE-2018-16471 CVE-2019-16782 CVE-2020-8184 CVE-2022-30122 CVE-2022-30123 CVE-2022-44570 CVE-2022-44571 CVE-2022-44572 CVE-2023-27530...