338202 matches found
Fedora 44 : mingw-objfw (2026-59c21cd48b)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-59c21cd48b advisory. Update to 1.5.4. Fixes a buffer overflow caused by integer promotion rules in OFBMPImageFormatHandler and OFQOIImageFormatHandler. ---- Update to 1.5.3 Tenab...
SUSE SLES12 Security Update : kernel (Live Patch 70 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:2178-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2178-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.266 fixes various security issues The following security issues were fixed: -...
Linux Distros Unpatched Vulnerability : CVE-2026-49389
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - netatalk - None Ubuntu Linux - Unknown description CVE-2026-49389 Note that Nessus relies on the presence of the package as reported by the vendo...
SUSE SLES15 Security Update : kernel (Live Patch 29 for SUSE Linux Enterprise 15 SP5) (SUSE-SU-2026:2159-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2159-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.116 fixes various security issues The following security issues were fixed: ...
IBM WebSphere Application Server 8.5.x < 8.5.5.30 / 9.x < 9.0.5.29 RCE (7274738)
The version of IBM WebSphere Application Server running on the remote host is affected by a remote code execution vulnerability as referenced in the 7274738 advisory. - IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrust...
SUSE SLES15 Security Update : kernel (Live Patch 50 for SUSE Linux Enterprise 15 SP4) (SUSE-SU-2026:2191-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2191-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.200 fixes various security issues The following security issues were fixed: ...
openSUSE 16 Security Update : evince (openSUSE-SU-2026:20850-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20850-1 advisory. Changes in evince: - Update to version 48.2 bsc1265880 CVE-2026-46529: - shell: Quote strings in arguments used when calling evspawn - Update to version...
IBM WebSphere Application Server 8.5.x < 8.5.5.30 / 9.x < 9.0.5.29 Identity Spoofing (7274740)
The version of IBM WebSphere Application Server running on the remote host is affected by an identity spoofing vulnerability as referenced in the 7274740 advisory. - IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing. CVE-2026-8644 Note that Nessus has not tested for...
Linux Distros Unpatched Vulnerability : CVE-2025-60486
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap use-after-free in the dasherprocess function /filters/dasher.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS vi...
Linux Distros Unpatched Vulnerability : CVE-2026-10229
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in Assimp up to 6.0.4. This affects the function HL1MDLLoader::readmeshes of the file HL1MDLLoader.cpp of the component Half-Life...
Linux Distros Unpatched Vulnerability : CVE-2026-45505
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ...
Linux Distros Unpatched Vulnerability : CVE-2026-49387
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - netatalk - None Ubuntu Linux - Unknown description CVE-2026-49387 Note that Nessus relies on the presence of the package as reported by the vendo...
SUSE SLES15 Security Update : kernel (Live Patch 20 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2026:2172-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2172-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.130 fixes various security issues The following security issues were fixed: ...
Ubuntu 25.10 / 26.04 LTS : OpenJDK 26 vulnerabilities (USN-8341-1)
The remote Ubuntu 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8341-1 advisory. Thomas Beckers discovered that the JAXP component of OpenJDK 26 did not correctly authenticate certain APIs. A remote unauthenticated attacker...
SUSE SLES15 Security Update : kernel (Live Patch 8 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:2181-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2181-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.28 fixes various security issues The following security issues were fixed: -...
Linux Distros Unpatched Vulnerability : CVE-2026-41440
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
Ubuntu 25.10 / 26.04 LTS : LibreOffice vulnerability (USN-8352-1)
The remote Ubuntu 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8352-1 advisory. Duc Anh Nguyen discovered that LibreOffice incorrectly handled mismatched encryption salt parameters in crafted OOXML documents. An attacker could use thi...
AlmaLinux 9 : php:8.2 (ALSA-2026:22143)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:22143 advisory. PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Exim vulnerability (USN-8353-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8353-1 advisory. Warisjeet Singh discovered that Exim with SUPPORTPROXY enabled did not properly handle memory before SMTP authentication. A remote...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-25680)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-25680 advisory. - Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service...
SUSE SLES15 Security Update : kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:2189-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2189-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.34 fixes various security issues The following security issues were fixed: -...
openSUSE 16 Security Update : roundcubemail (openSUSE-SU-2026:20852-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20852-1 advisory. Changes in roundcubemail: - update to 1.6.16 - Fix potential too long value in IMAP ID command 10136 - Security: Fix stored XSS/HTML/CSS injecti...
CentOS 9 : kernel-5.14.0-710.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the kernel-5.14.0-710.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proclseek as ones for procreaditer et....
Linux Distros Unpatched Vulnerability : CVE-2026-44825
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Hardcoded credentials in the Basic Authentication setup tool bin/solr auth enable in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attack...
SUSE SLES15 Security Update : kernel RT (Live Patch 0 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:2134-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2134-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.5 fixes various security issues The following security issues were fixed: -...
SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2026:2200-1)
The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2200-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.302 fixes various security issues The following security issues were fixe...
Linux Distros Unpatched Vulnerability : CVE-2026-42588
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ...
Linux Distros Unpatched Vulnerability : CVE-2026-10233
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been detected in Assimp up to 6.0.4. Affected by this issue is the function HL1MDLLoader::readsequenceinfos of the file...
SUSE SLES16 Security Update : vim (SUSE-SU-2026:21859-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21859-1 advisory. This update for vim fixes the following issues - CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary fil...
Linux Distros Unpatched Vulnerability : CVE-2026-41437
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
Linux Distros Unpatched Vulnerability : CVE-2026-41438
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
SUSE SLES12 Security Update : kernel (Live Patch 75 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:2148-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2148-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.283 fixes various security issues The following security issues were fixed: -...
Linux Distros Unpatched Vulnerability : CVE-2026-8341
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
SUSE SLES15 Security Update : kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4) (SUSE-SU-2026:2141-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2141-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.164 fixes various security issues The following security issues were fixed: ...
SUSE SLES15 Security Update : strongswan (SUSE-SU-2026:2197-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2197-1 advisory. - CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. - CVE-2026-35329: null pointer dereferen...
Linux Distros Unpatched Vulnerability : CVE-2026-10200
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Assimp up to 6.0.4. This affects the function glTFCommon::CopyValue in the library glTFCommon.h of the component 4x4 Matrix Parser...
AlmaLinux 8 : php:8.2 (ALSA-2026:22305)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:22305 advisory. PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting...
Linux Distros Unpatched Vulnerability : CVE-2026-48827
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload- pack, git-receive-pack, and other git operations allows...
Linux Distros Unpatched Vulnerability : CVE-2026-46605
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete authorization by Apache ActiveMQ server before versions v6.2.6 and v5.19.7 allows authenticated connections to remove existing destinations with prop...
Linux Distros Unpatched Vulnerability : CVE-2026-10230
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was identified in Assimp up to 6.0.4. This impacts the function Assimp::MDL::HalfLife::HL1MDLLoader::readanimations of the file HL1MDLLoader.cpp...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Texmaker vulnerabilities (USN-8346-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8346-1 advisory. It was discovered that the vendored LibTIFF in Texmaker incorrectly handled memory when parsing malformed TIFF image metadata...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-42502)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-42502 advisory. - Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML...
SUSE SLES16 Security Update : alloy (SUSE-SU-2026:21852-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21852-1 advisory. This update for alloy fixes the following issues - CVE-2026-34986: github.com/go-jose/go-jose/v4: crafted JWE input with a missing...
SUSE SLES15 Security Update : wireshark (SUSE-SU-2026:2203-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2203-1 advisory. This update for wireshark fixes the following issues - CVE-2026-5401: AFP dissector crash bsc1263756. - CVE-2026-5403: SBC audio...
openSUSE 16 Security Update : apache-commons-lang3, apache-commons-text, apache-commons-configuration2, apache-commons-cli, apache-commons-io, apache-commons-codec (openSUSE-SU-2026:20841-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20841-1 advisory. Changes in apache-commons-lang3: Update to 3.20.0 New features: - Add SystemProperties.getPathString, Supplier - Add JavaVersion.JAVA25 - Add...
RockyLinux 10 : openssh (RLSA-2026:19069)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19069 advisory. OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode CVE-2026-35385 OpenSSH: OpenSSH: Security bypass via...
MiracleLinux 8 : freeipmi-1.6.17-1.el8_10 (AXSA:2026-742:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-742:02 advisory. freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 Tenable has extracted the preceding description block directly from the MiracleLin...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-46598)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-46598 advisory. - For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes...
SUSE SLES16 Security Update : python-mistune (SUSE-SU-2026:21858-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21858-1 advisory. This update for python-mistune fixes the following issues - CVE-2026-33079: ReDoS in LINKTITLERE can lead to denial of service via...
RockyLinux 8 : httpd:2.4 (RLSA-2026:22140)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:22140 advisory. httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 httpd: modproxyajp: heap-based buffer over-read and memory disclosure in...