338459 matches found
F5 Networks BIG-IP : iControl SOAP vulnerability (K000160973)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000160973 advisory. A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrato...
F5 Networks BIG-IP : BIG-IP and BIG-IQ privilege escalation vulnerability (K000160972)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000160972 advisory. A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker...
F5 Networks BIG-IP : BIG-IP scripted monitor vulnerability (K000161040)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000161040 advisory. A vulnerability exists in BIG-IP scripted monitors that may allow an authenticated attacker with the...
Linux Distros Unpatched Vulnerability : CVE-2026-46633
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - php-twig - None Ubuntu Linux - Unknown description CVE-2026-46633 Note that Nessus relies on the presence of the package as reported by the vendo...
FreeBSD : FreeBSD -- Stack buffer overflow via setcred(2) (39728e41-54b5-11f1-8d7a-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 39728e41-54b5-11f1-8d7a-bc241121aa0a advisory. The setcred2 system call is only available to privileged users. However, before the privilege level of...
Apache Tomcat 11.0.0.M1 < 11.0.22 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 11.0.22. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat11.0.22security-11 advisory. - DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat...
FreeBSD : FreeBSD -- select(2) file descriptor set overflow causes stack overflow (90fe1784-54b6-11f1-8d7a-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 90fe1784-54b6-11f1-8d7a-bc241121aa0a advisory. libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call...
F5 Networks BIG-IP : iControl REST and tmsh vulnerability (K000156581)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000156581 advisory. Incorrect permission assignment vulnerabilities exist in iControl REST and TMOS Shell tmsh undisclosed...
Linux Distros Unpatched Vulnerability : CVE-2026-46626
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-46626 Note that Nessus relies on the presence of the package as reported by the vendor...
FreeBSD : FreeBSD -- Kernel use-after-free via file descriptor syscalls (ee21f41f-54b5-11f1-8d7a-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ee21f41f-54b5-11f1-8d7a-bc241121aa0a advisory. A file descriptor can be closed while a thread is blocked in a poll2 or select2 call waiting for that...
Linux Distros Unpatched Vulnerability : CVE-2026-46640
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Twig: Arbitrary PHP code execution via self. macro-reference compilation CVE-2026-46640 Note that Nessus relies on the presence of the package as reported by th...
Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-021668)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021668 advisory. MariaDB through 10.5.13 allows a hamaria::extra application crash via certain SELECT statements. Tenable has extracted the preceding description block directly from...
Linux Distros Unpatched Vulnerability : CVE-2020-37239
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libbabl 0.1.62 contains a broken double free detection vulnerability that allows attackers to bypass memory safety checks by exploiting signature overwriting in...
Linux Distros Unpatched Vulnerability : CVE-2026-45070
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-45070 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2026-45304
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-45304 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2026-46628
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - php-twig - None Ubuntu Linux - Unknown description CVE-2026-46628 Note that Nessus relies on the presence of the package as reported by the vendo...
F5 Networks BIG-IP : Appliance mode iControl REST vulnerability (K000160876)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000160876 advisory. When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able ...
Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-021671)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021671 advisory. MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECTLEX::nestlevel is local to each VIEW. Tenable has extracted the preceding...
F5 Networks BIG-IP : BIG-IP tmsh vulnerability (K000161107)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000161107 advisory. A vulnerability exists in an undisclosed BIG-IP TMOS Shell tmsh command that may allow an authenticate...
Linux Distros Unpatched Vulnerability : CVE-2026-9122
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in GPU in Google Chrome on Mac prior to 148.0.7778.179 allowed a remote attacker to obtain potentially sensitive information from process...
Linux Distros Unpatched Vulnerability : CVE-2026-9111
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium...
Linux Distros Unpatched Vulnerability : CVE-2026-45754
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux - Unknown description CVE-2026-45754 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenabl...
F5 Networks BIG-IP : BIG-IP TMM vulnerability (K000158038)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0. It is, therefore, affected by a vulnerability as referenced in the K000158038 advisory. When a classification profile is configured on a UDP virtual server, undisclosed requests can cause the...
F5 Networks BIG-IP : BIG-IP and BIG-IQ Configuration utility vulnerability (K000156761)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0. It is, therefore, affected by a vulnerability as referenced in the K000156761 advisory. An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP an...
F5 Networks BIG-IP : BIG-IP APM vulnerability (K000161056)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000161056 advisory. When a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause...
F5 Networks BIG-IP : BIG-IP DNS tmsh vulnerability (K000157981)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0. It is, therefore, affected by a vulnerability as referenced in the K000157981 advisory. When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed TMOS Shell tmsh command that ma...
Linux Distros Unpatched Vulnerability : CVE-2026-45063
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-45063 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2026-45067
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-45067 Note that Nessus relies on the presence of the package as reported by the vendor...
F5 Networks BIG-IP : BIG-IP HTTP/2 vulnerability (K000159034)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000159034 advisory. When an HTTP/2 profile and an iRule containing theHTTP::redirectorHTTP::respondcommand are configured ...
F5 Networks BIG-IP : BIG-IP httpd access control vulnerability (K000156604)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0. It is, therefore, affected by a vulnerability as referenced in the K000156604 advisory. When configured, IP-based access restrictions forhttpddo not cover all endpoints, which may allow...
Multiple Node.js Modules compromised in self-spreading npm supply chain attack (mini-Shai-Hulud) (05/11/2026)
The remote host has a version of one or more Node.js modules installed known to be compromised in the self-spreading 'mini-Shai-Hulud' npm supply chain attack reported on 05/11/2026. This wave is tracked separately from the original Shai-Hulud campaign because of distinct compromised maintainers...
F5 Networks BIG-IP : iControl REST and tmsh vulnerability (K000161018)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000161018 advisory. Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell...
F5 Networks BIG-IP : BIG-IP iControl SOAP vulnerability (K000160926)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000160926 advisory. An authenticated attacker with the Resource Administrator or Administrator role can create SNMP...
Linux Distros Unpatched Vulnerability : CVE-2026-9118
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in XR in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium...
Linux Distros Unpatched Vulnerability : CVE-2026-9124
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Input in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer proce...
Linux Distros Unpatched Vulnerability : CVE-2026-9113
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in GPU in Google Chrome on Mac prior to 148.0.7778.179 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2026-24425
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template...
F5 Networks BIG-IP : BIG-IP SIP profile vulnerability (K000161023)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000161023 advisory. When a SIP profile is configured on a virtual server, undisclosed traffic can cause the Traffic...
F5 Networks BIG-IP : BIG-IP privilege escalation vulnerability (K000160975)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000160975 advisory. A vulnerability exists in BIG-IP systems where a highly privileged, authenticated attacker with at lea...
Linux Distros Unpatched Vulnerability : CVE-2026-9114
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in QUIC in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via malicious network...
Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-021669)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021669 advisory. MariaDB through 10.5.9 allows a sqlparse.cc application crash because of incorrect usedtables expectations. Tenable has extracted the preceding description block...
Linux Distros Unpatched Vulnerability : CVE-2026-9120
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebRTC in Google Chrome prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security...
F5 Networks BIG-IP : Appliance mode iControl REST vulnerability (K000160911)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000160911 advisory. When running in Appliance mode, a directory traversal vulnerability exists in an undisclosed iControl...
Linux Distros Unpatched Vulnerability : CVE-2026-9116
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in ServiceWorker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to leak cross-origin data via a crafted...
F5 Networks BIG-IP : BIG-IP SSL Orchestrator vulnerability (K000149743)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000149743 advisory. A directory traversal vulnerability exists in BIG-IP SSL Orchestrator that allows an authenticated...
FreeBSD : FreeBSD -- Missing validation in ptrace(PT_SC_REMOTE) (6c96da5e-54b6-11f1-8d7a-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 6c96da5e-54b6-11f1-8d7a-bc241121aa0a advisory. ptracePTSCREMOTE failed to properly validate parameters for the syscall2 and syscall2 meta-system calls...
Ubuntu 25.10 : GStreamer Good Plugins vulnerability (USN-8285-1)
The remote Ubuntu 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8285-1 advisory. It was discovered that GStreamer Good Plugins incorrectly handled certain MOV/MP4 media files. A remote attacker could use this issue to cause GStreamer Good Plugins ...
Linux Distros Unpatched Vulnerability : CVE-2026-46627
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - php-twig - None Ubuntu Linux - Unknown description CVE-2026-46627 Note that Nessus relies on the presence of the package as reported by the vendo...
Linux Distros Unpatched Vulnerability : CVE-2026-45068
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-45068 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2021-47952
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - python jsonpickle 2.0.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary Python commands by deserializing malicious JSO...