338459 matches found
Amazon Linux 2023 : docker (ALAS2023-2026-1659)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1659 advisory. Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin...
RHEL 10 : yggdrasil (RHSA-2026:19450)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19450 advisory. yggdrasil is a system daemon that subscribes to topics on an MQTT broker and routes any data received on the topics to an appropriate child worker...
Linux Distros Unpatched Vulnerability : CVE-2026-43620
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recvfiles in receiver.c that allows a malicious rsync server to...
FreeBSD : MariaDB -- Multiple vulnerabilities (31b7e7bc-5358-11f1-8b62-8447094a420f)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 31b7e7bc-5358-11f1-8b62-8447094a420f advisory. The MariaDB project reports: See linked CVE's for details. Tenable has extracted the preceding...
RHEL 8 : python3 (RHSA-2026:19549)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19549 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
Linux Distros Unpatched Vulnerability : CVE-2026-43619
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir,...
Amazon Linux 2023 : bouncycastle, bouncycastle-javadoc, bouncycastle-mail (ALAS2023-2026-1688)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1688 advisory. Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all core modules. This vulnerability is associated with program files...
AlmaLinux 9 : kernel (ALSA-2026:16206)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:16206 advisory. kernel: Dirty Frag is a new universal Local Privilege Escalation LPE vulnerability in the Linux kernel CVE-2026-43284 Tenable has extracted the preceding...
Linux Distros Unpatched Vulnerability : CVE-2026-43617
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured...
RHEL 8 : kpatch-patch-4_18_0-477_107_1, kpatch-patch-4_18_0-477_120_1, kpatch-patch-4_18_0-477_130_1, kpatch-patch-4_18_0-477_89_1, and kpatch-patch-4_18_0-477_97_1 (RHSA-2026:19572)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19572 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module ...
RockyLinux 9 : PackageKit (RLSA-2026:19354)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19354 advisory. PackageKit: race condition vulnerability leads to arbitrary package installation as root CVE-2026-41651 Tenable has extracted the preceding description block...
Linux Distros Unpatched Vulnerability : CVE-2026-42245
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, Net::IMAP::ResponseReader...
Oracle Linux 8 : kernel (ELSA-2026-16195)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-16195 advisory. 4.18.0-553.124.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to t...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021609)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021609 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: added NULL check at start of dcvalidatestream Why prevent invalid memory access...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021551)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021551 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: avoid crash when inline data creation follows DIO write When inode is created and written t...
Linux Distros Unpatched Vulnerability : CVE-2026-39836
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL 0. CVE-2026-39836 Note that Nessus relies on the presence of the...
RHEL 9 : glib2 (RHSA-2026:19459)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19459 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in...
RHEL 8 : libtiff (RHSA-2026:19659)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19659 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrar...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021604)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021604 advisory. In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91: call inputfreedevice on allocated iiodev Current implementation of at91tsregister...
Amazon Linux 2023 : libXpm, libXpm-devel (ALAS2023-2026-1656)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1656 advisory. As per upstream advisory: libXpm Out-of-bounds read in xpmNextWord CVE-2026-4367 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Ness...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021633)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021633 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: ensure the fwinfo is not null before using it This resolves the dereference null retu...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021625)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021625 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelfind The per-netns IP tunnel hash tab...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021627)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021627 advisory. In the Linux kernel, the following vulnerability has been resolved: xen: Fix the issue of resource not being properly released in xenbusdevprobe This patch fixes an...
Fedora 44 : python-django5 (2026-9b7a6474a1)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9b7a6474a1 advisory. - Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass - Fixes CVE-2026-35192: Session...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021650)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021650 advisory. In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow An UAF can happen when /proc/cpuset is read as...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021557)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021557 advisory. In the Linux kernel, the following vulnerability has been resolved: kprobes: Fix check for probe enabled in killkprobe In killkprobe, the check whether...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021526)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021526 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: fix an information leak in tipctopsrvkernsubscr Use a 8-byte write to initialize...
Linux Distros Unpatched Vulnerability : CVE-2026-41999
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect Behaviour of Views with TCP PROXY Requests CVE-2026-41999 Note that Nessus relies on the presence of the package as reported by the vendor...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021571)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021571 advisory. In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6create sockinitdata attaches the allocated...
Splunk Universal Forwarder 9.4.0 < 9.4.11 (SVD-2026-0506)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0506 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021541)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021541 advisory. In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in transstatshow Fix buffer overflow in transstatshow. Convert...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021602)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021602 advisory. In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 net: lapbether: only support...
Oracle Linux 8 : oci-utils (ELSA-2026-65763)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-65763 advisory. -- 0.14.0-22 - Rework systemd service file creation. Orabug: 39316494 Tenable has extracted the preceding description block directly from the Oracle Linux...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021539)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021539 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/type1: prevent underflow of lockedvm via exec When a vfio container is preserved across exec...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021567)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021567 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function When a reset notify IPC...
RHEL 9 : libtiff (RHSA-2026:19608)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19608 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrar...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021537)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021537 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READ Since before the git era, NFSD has...
ISC BIND 9.11.0 < 9.18.49 / 9.11.3-S1 < 9.18.49-S1 / 9.18.0 < 9.18.49 / 9.18.11-S1 < 9.18.49-S1 / 9.20.0 < 9.20.23 / 9.20.9-S1 < 9.20.23-S1 / 9.21.0 < 9.21.22 Vulnerability (cve-2026-3592)
The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2026-3592 advisory. - BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to...
RockyLinux 9 : gdk-pixbuf2 (RLSA-2026:19210)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19210 advisory. gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image CVE-2026-5201 Tenable has extracted the...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021592)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021592 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix freeing of the HMB descriptor table The HMB descriptor table is sized to the maximu...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021531)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021531 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: set the right AMDGPU sg segment limitation The driver needs to set the correct...
Amazon Linux 2023 : perl-CryptX, perl-CryptX-tests (ALAS2023-2026-1641)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1641 advisory. NOTE: https://lists.security.metacpan.org/cve-announce/msg/39209500/NOTE: https://github.com/DCIT/perl- CryptX/security/advisories/GHSA-24c2-gp6c-24c6NOTE: Fixed by: https://github.com/DCIT/perl-...
Fedora 43 : rust-nu (2026-b00a9673c8)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b00a9673c8 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021584)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021584 advisory. In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet If the KVP or VSS daemon star...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021586)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021586 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021649)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021649 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize denominators' default to 1 WHAT & HOW Variables used as denominators...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021574)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021574 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: fix zswap writeback race condition The zswap writeback mechanism can cause a race condition...
RHEL 8 : libtiff (RHSA-2026:19604)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19604 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrar...
Fedora 43 : rustup (2026-f8e0fbaa84)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f8e0fbaa84 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021528)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021528 advisory. In the Linux kernel, the following vulnerability has been resolved: 9p: set req refcount to zero to avoid uninitialized usage When a new request is allocated, the...