338459 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-9117
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in GFX in Google Chrome on Linux, ChromeOS prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to...
Linux Distros Unpatched Vulnerability : CVE-2026-9123
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in Chromecast in Google Chrome on Android, Linux, ChromeOS prior to 148.0.7778.179 allowed a local attacker to execute arbitrary code insid...
Linux Distros Unpatched Vulnerability : CVE-2026-9112
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in GPU in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTM...
Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-021670)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021670 advisory. MariaDB through 10.5.9 allows an application crash in subselectpostjoinaggr for a NULL value of aggr. Tenable has extracted the preceding description block directly...
Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-021663)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021663 advisory. MariaDB through 10.5.9 allows attackers to trigger a convertconsttoint use-after-free when the BIGINT data type is used. Tenable has extracted the preceding...
F5 Networks BIG-IP : iControl SOAP vulnerability (K000159021)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000159021 advisory. An authenticated iControl SOAP user may be able to obtain information of other accounts. CVE-2026-3506...
F5 Networks BIG-IP : BIG-IP iControl SOAP vulnerability (K000160979)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000160979 advisory. An authenticated attacker with the Resource Administrator or Administrator role can modify configurati...
Linux Distros Unpatched Vulnerability : CVE-2026-45077
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-45077 Note that Nessus relies on the presence of the package as reported by the vendor...
F5 Networks BIG-IP : BIG-IP Appliance mode vulnerability (K000158971)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000158971 advisory. A vulnerability exists in BIG-IP systems that may allow an authenticated attacker with administrative...
F5 Networks BIG-IP : BIG-IP Configuration utility CSRF vulnerability (K35544022)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4. It is, therefore, affected by a vulnerability as referenced in the K35544022 advisory. A cross-site request forgery CSRF vulnerability exists in the dashboard of the BIG-IP Configuration...
Linux Distros Unpatched Vulnerability : CVE-2026-46634
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Twig: templatefromstring escapes a SourcePolicy-driven sandbox via synthesized template name CVE-2026-46634 Note that Nessus relies on the presence of the packa...
Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-021667)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021667 advisory. MariaDB through 10.5.9 allows a setvar.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery. Tenable has extracted the...
F5 Networks BIG-IP : BIG-IP and BIG-IQ privilege escalation vulnerability (K000160971)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000160971 advisory. A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker...
Linux Distros Unpatched Vulnerability : CVE-2026-46637
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - php-twig - None Ubuntu Linux - Unknown description CVE-2026-46637 Note that Nessus relies on the presence of the package as reported by the vendo...
Linux Distros Unpatched Vulnerability : CVE-2026-3073
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.6 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have...
Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-021664)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021664 advisory. MariaDB through 10.5.9 allows an application crash in findfieldintables and findorderinlist via an unused common table expression CTE. Tenable has extracted the...
Linux Distros Unpatched Vulnerability : CVE-2026-9121
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in GPU in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2026-4524
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have...
FreeBSD : FreeBSD -- Heap overflow in FUSE_LISTXATTR (3cc34467-54b6-11f1-8d7a-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 3cc34467-54b6-11f1-8d7a-bc241121aa0a advisory. When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message t...
Linux Distros Unpatched Vulnerability : CVE-2026-1322
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.0 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have...
F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K000156734)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1.3 / 21.0.0. It is, therefore, affected by a vulnerability as referenced in the K000156734 advisory. A vulnerability exists in the undisclosed pages in the Configuration utility that may allow a low-...
Security Updates for Microsoft Exchange Server (May 2026)
The Microsoft Exchange Server installed on the remote host is missing a security update. It is, therefore, affected by a vulnerability as referenced in the May, 2026 security bulletin. - Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Exchange Serve...
F5 Networks BIG-IP : iControl REST and tmsh vulnerability (K000160981)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000160981 advisory. A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker...
Linux Distros Unpatched Vulnerability : CVE-2026-46635
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Twig: Sandbox property allowlist bypass via the column filter arraycolumn on objects CVE-2026-46635 Note that Nessus relies on the presence of the package as...
F5 Networks BIG-IP : BIG-IP SSL/TLS vulnerability (K000158978)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4. It is, therefore, affected by a vulnerability as referenced in the K000158978 advisory. When SSL profiles are configured on a virtual server, undisclosed traffic can cause the virtual server to stop...
Linux Distros Unpatched Vulnerability : CVE-2026-47372
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::SaltedHash versions through 0.09 for Perl generate insecure random values for salts. These versions use the built-in rand function, which is predictable...
F5 Networks BIG-IP : iControl REST and tmsh vulnerability (K000160863)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000160863 advisory. A vulnerability exists in iControl REST and the TMOS Shell tmsh where a highly privileged, authenticat...
Linux Distros Unpatched Vulnerability : CVE-2026-45072
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux - Unknown description CVE-2026-45072 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenabl...
F5 Networks BIG-IP : BIG-IP qkview vulnerability (K000157895)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4. It is, therefore, affected by a vulnerability as referenced in the K000157895 advisory. An improper sanitization vulnerability exists in the BIG-IPqkviewutility that allows a low-privileged attacker to...
Linux Distros Unpatched Vulnerability : CVE-2026-47730
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux - Unknown description CVE-2026-47730 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenabl...
F5 Networks BIG-IP : iControl REST vulnerability (K000160903)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000160903 advisory. An authenticated attacker's undisclosed requests to BIG-IP iControl REST can lead to an information le...
Linux Distros Unpatched Vulnerability : CVE-2026-46629
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - php-twig - None Ubuntu Linux - Unknown description CVE-2026-46629 Note that Nessus relies on the presence of the package as reported by the vendo...
FreeBSD : FreeBSD -- Remote code execution via installer Wi-Fi access point scans (039c0ab0-54b7-11f1-8d7a-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 039c0ab0-54b7-11f1-8d7a-bc241121aa0a advisory. When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of...
Linux Distros Unpatched Vulnerability : CVE-2026-9115
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a craft...
F5 Networks BIG-IP : BIG-IP SSL vulnerability (K000158082)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000158082 advisory. When an SSL profile is configured on a virtual server on BIG-IP Virtual Edition VE without Intel...
Fedora 42 : mysql8.0 (2026-b78d5204fe)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b78d5204fe advisory. MySQL 8.0.46 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-46.html Known issue: s390x-specific issue - zlib with DFLTCC...
Fedora 42 : mysql8.4 (2026-a4e0e8211d)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a4e0e8211d advisory. MySQL 8.4.9 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.4/en/news-8-4-9.html Known issue: s390x-specific issue - zlib with DFLTCC...
Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-021672)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021672 advisory. getsortbytable in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY. Tenable has extracted the preceding description block...
MiracleLinux 9 : nginx:1.24 (AXSA:2026-704:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-704:01 advisory. nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 Tenable has extracted the preceding description block directly from the MiracleLinux...
Linux Distros Unpatched Vulnerability : CVE-2026-46638
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Twig: % sandbox %% include % skips checkSecurity on cached templates incomplete fix for CVE-2024-45411 CVE-2026-46638 Note that Nessus relies on the presence of...
F5 Networks BIG-IP : BIG-IP HTTP/2 Layer 7 DoS Protection vulnerability (K000158979)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4. It is, therefore, affected by a vulnerability as referenced in the K000158979 advisory. On an HTTP/2 virtual server with Layer 7 DoS Protection configured, undisclosed traffic can result in an increase...
F5 Networks BIG-IP : BIG-IP FastL4 virtual server vulnerability (K000160862)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000160862 advisory. When embedded Packet Velocity Acceleration ePVA acceleration is configured, undisclosed local ethernet...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : OpenVPN vulnerabilities (USN-8286-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8286-1 advisory. Guannan Wang, Zhanpeng Liu, Guancheng Li, and Emma Reuter discovered that OpenVPN incorrectly handled suitably malformed...
F5 Networks BIG-IP : iControl REST and tmsh vulnerability (K000161022)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000161022 advisory. Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell tmsh network...
FreeBSD : FreeBSD -- Incorrect libcap_net limitation list manipulation (37ab0cbc-54b7-11f1-8d7a-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 37ab0cbc-54b7-11f1-8d7a-bc241121aa0a advisory. In the case of the capnet service, when a key present in the old limit was omitted from the new limit,...
F5 Networks BIG-IP : BIG-IP DTLS vulnerability (K000160901)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000160901 advisory. When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server,...
Linux Distros Unpatched Vulnerability : CVE-2026-9119
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in WebRTC in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HT...
Linux Distros Unpatched Vulnerability : CVE-2026-45069
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-45069 Note that Nessus relies on the presence of the package as reported by the vendor...
F5 Networks BIG-IP : iControl REST vulnerability (K000160916)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000160916 advisory. A vulnerability exists in iControl REST where a highly privileged, authenticated attacker with at leas...
Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-021665)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021665 advisory. MariaDB before 10.6.5 has a sqllex.cc integer overflow, leading to an application crash. Tenable has extracted the preceding description block directly from the Unit...