338459 matches found
RHEL 8 : thunderbird (RHSA-2026:19467)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19467 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...
RHEL 8 : thunderbird (RHSA-2026:19465)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19465 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...
RHEL 10 : thunderbird (RHSA-2026:19463)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19463 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...
RHEL 9 : firefox (RHSA-2026:17689)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17689 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
RHEL 9 : thunderbird (RHSA-2026:19461)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19461 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...
Fedora 43 : evince (2026-d29bd1ad07)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d29bd1ad07 advisory. Fix command injection CVE-2026-46529 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...
Fedora 44 : evince (2026-aea94fcc1c)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-aea94fcc1c advisory. Fix command injection CVE-2026-46529 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021497)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021497 advisory. In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'getdumpable' logic The 'dumpability' of a task is fundamentally about the...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-021504)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021504 advisory. In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'getdumpable' logic The 'dumpability' of a task is fundamentally about the...
ISC BIND 9.11.0 < 9.18.49 / 9.11.3-S1 < 9.18.49-S1 / 9.18.0 < 9.18.49 / 9.18.11-S1 < 9.18.49-S1 / 9.20.0 < 9.20.23 / 9.20.9-S1 < 9.20.23-S1 / 9.21.0 < 9.21.22 Assertion Failure (cve-2026-5946)
The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2026-5946 advisory. - Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN for...
Linux Distros Unpatched Vulnerability : CVE-2026-5946
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN for example, CHAOS or HESIOD, or DNS message...
RHEL 9 : dnsmasq (RHSA-2026:19373)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19373 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server...
RHEL 8 : kernel (RHSA-2026:19521)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19521 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: RDMA/rxe...
RHEL 9 : kernel-rt (RHSA-2026:19711)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19711 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...
RHEL 9 : kernel (RHSA-2026:19705)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19705 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: raw: fix ro-uniq...
RHEL 8 : kernel-rt (RHSA-2026:19664)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19664 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...
RHEL 8 : kernel (RHSA-2026:19666)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19666 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Fragnesia is a variant of Dir...
Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2026-1647)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1647 advisory. nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when user facing public API...
Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2026-1677)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1677 advisory. RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution CVE-2026-5405 Tenable has extracted the preceding description block...
Oracle Linux 7 : squid (ELSA-2026-8880)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8880 advisory. - Security update for CVE-2026-32748 CVE-2026-33526 Orabug: 39230173 - Fixes CVE-2025-62168, squid: Squid vulnerable to information disclosure via -...
RHCOS 4 : OpenShift Container Platform 4.18.42 (RHSA-2026:17446)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17446 advisory. - golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 - golang: net/url: Memory exhaustion in quer...
RHCOS 4 : OpenShift Container Platform 4.17.54 (RHSA-2026:17595)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17595 advisory. - golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 - golang: net/url: Memory exhaustion in quer...
Linux Distros Unpatched Vulnerability : CVE-2026-43422
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: legacy: ncm: Fix NPE in gncmbind Commit 56a512a9b410 usb: gadget: fncm: align netdevice...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021536)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021536 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smapsrollup: fix no vma's null-deref Commit 258f669e7e88 mm: /proc/pid/smapsrollup:...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021618)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021618 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021593)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021593 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Make ICCSGIEL1 undef in the absence of a vGICv3 On a system with a GICv3, if a guest...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021600)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021600 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix missing skbuff release in seg6inputcore The seg6input function is responsible for...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021573)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021573 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedfexecutetmf non-preemptible Stop calling smpprocessorid from preemptible code...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021629)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021629 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: tproxy: bail out if IP has been disabled on the device syzbot reports: general...
RHEL 9 : libtiff (RHSA-2026:19702)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19702 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrar...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021559)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021559 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfbinit fails When the default qdisc is sfb, ...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021619)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021619 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracingcpumaskwrite If a large count is provided, it will trigger ...
Fedora 44 : python-django6 (2026-de6e24ae07)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-de6e24ae07 advisory. - Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass - Fixes CVE-2026-35192: Session...
Linux Distros Unpatched Vulnerability : CVE-2026-3592
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially crafted zone, the resolv...
Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2026-1667)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1667 advisory. Vim is an open source, command line text editor. Prior to 9.2.0357, A command injection vulnerability exists in Vim's tag file processing. When resolving a tag, the filename field from the tags file is...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021647)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021647 advisory. In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRTSOCKUPDTIMEOUT when reset transport Since transport-sock has been set to NULL...
Fedora 44 : mingw-expat (2026-163d1fe6c0)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-163d1fe6c0 advisory. Update to expat-2.8.1. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
Amazon Linux 2023 : krb5-devel, krb5-libs, krb5-pkinit (ALAS2023-2026-1680)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1680 advisory. In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An...
Fedora 43 : mingw-expat (2026-9cf92027ec)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-9cf92027ec advisory. Update to expat-2.8.1. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
Splunk Enterprise 9.3.0 < 9.3.12, 9.4.0 < 9.4.11, 10.0.0 < 10.0.5, 10.2.0 < 10.2.2 (SVD-2026-0504)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0504 advisory. - In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1,...
Fedora 43 : kernel (2026-5e5a0f9621)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5e5a0f9621 advisory. The 7.0.7 stable kernel update contains a number of important fixes across the tree. It also patches up a vulnerable codepath for fragnesia that was not in t...
Fedora 44 : pgadmin4 (2026-68f6155fea)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-68f6155fea advisory. Update to pgadmin4-9.15. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Fedora 44 : rust-nu (2026-6de0476940)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6de0476940 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-8281-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8281-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021646)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021646 advisory. In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENTWATCHED flags lazily In some setups directories can have many usually...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021554)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021554 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninititialized value in 'ext4evictinode' Syzbot found the following issue:...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021628)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021628 advisory. In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: Initialize unused data in j1939sendone syzbot reported kernel-infoleak in...
RHEL 9 : glib2 (RHSA-2026:19457)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19457 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in...
Fedora 44 : rust-podman-sequoia / rust-rpm-sequoia / etc (2026-5619c60e85)
The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-5619c60e85 advisory. Update sequoia-openpgp to version 2.3.0. This includes three security relevant fixes assigned CVE-2026-42783, CVE-2026-42784, and CVE-not-...
Fedora 43 : proftpd (2026-4ddb108952)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-4ddb108952 advisory. This update contains an updated modwrap2sql that addresses a potential SQL injection issue when connected to from a client with a maliciously-constructed...