338597 matches found
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021542)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021542 advisory. In the Linux kernel, the following vulnerability has been resolved: mmc: rtsxpci: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its...
Linux Distros Unpatched Vulnerability : CVE-2026-8213
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this issue is the function GDSDfldsrch of the file frmts/hdf4/hdf-eos/GDapi.c of the...
Amazon Linux 2023 : python3.14, python3.14-devel, python3.14-freethreading (ALAS2023-2026-1674)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1674 advisory. The import hook in CPython that handles legacy .pyc files SourcelessFileLoader is incorrectly handled in FileLoader a base class and so does not use io.opencode to read the .pyc files. sys.audit handle...
RHCOS 4 : OpenShift Container Platform 4.18.42 (RHSA-2026:17446)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17446 advisory. - golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 - golang: net/url: Memory exhaustion in quer...
RHEL 9 : giflib update (Important) (RHSA-2026:19367)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19367 advisory. Please update Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory. Note that Nessus h...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021579)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021579 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check bova-bo is non-NULL before using it The call to radeonvmclearfreed might clear...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021652)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021652 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops that on...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021540)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021540 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix acceptqueue memory leak As the final stages of socket destruction may be delaye...
Amazon Linux 2023 : runc (ALAS2023-2026-1661)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1661 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021630)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021630 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nfrejectipv6: fix potential crash in nfsendreset6 I got a syzbot report without a repr...
Amazon Linux 2023 : dnsmasq, dnsmasq-utils (ALAS2023-2026-1516)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1516 advisory. dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021595)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021595 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Hold module reference while requesting a module User space may unload ipset.ko...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021611)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021611 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: accept TCASTAB only for root qdisc Most qdiscs maintain their backlog using...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021532)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021532 advisory. In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix warning - do not call blocking ops when !TASKRUNNING vub300enablesdioirq works...
Linux Distros Unpatched Vulnerability : CVE-2026-40020
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Attacker can use the IMAP SETACL command to inject the anyone permission to user's dovecot-acl file even if imapaclallowanyone=no. This causes folders to be...
RHEL 8 : python3 (RHSA-2026:19590)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19590 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
Amazon Linux 2023 : python3.14-pip, python3.14-pip-wheel (ALAS2023-2026-1653)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1653 advisory. pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferr...
IBM WebSphere Application Server Liberty 22.0.0.11 < 26.0.0.6 (7273425)
The version of IBM WebSphere Application Server Liberty running on the remote host is affected by a vulnerability as referenced in the 7273425 advisory. - IBM WebSphere Application Server Liberty could allow a remote attacker to bypass security under limited conditions by exploiting a specific...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021548)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021548 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sblvbptr I experience issues when putting a lkbsb on the stack...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021569)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021569 advisory. In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inetcreate sockinitdata attaches the allocated s...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021570)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021570 advisory. In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy Dmcache also has the same UAF problem when dmresume and dmdestroy ar...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021588)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021588 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: efifb: Register sysfs groups through driver core The driver core can register and cleanup...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021636)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021636 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsocket: fix sk refcount leaks We must put 'sk' reference before returning. Tenable...
Linux Distros Unpatched Vulnerability : CVE-2026-43358
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: add missing RCU unlock in error path in tryreleasesubpageextentbuffer Call rcureadlock before exiting the loop in tryreleasesubpageextentbuffer because...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021612)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021612 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix the null pointer dereference for vega10hwmgr Check return value and conduct null...
RHEL 9 : thunderbird (RHSA-2026:19468)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19468 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021547)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021547 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/modes: Avoid divide by zero harder in drmmodevrefresh drmmodevrefresh is trying to avoid divi...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021596)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021596 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix overflowing extents beyond inode size when partially writing The daxiomaprw does t...
Linux Distros Unpatched Vulnerability : CVE-2026-43619
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir,...
Linux Distros Unpatched Vulnerability : CVE-2025-71300
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert arm64: zynqmp: Add an OP-TEE node to the device tree This reverts commit 06d22ed6b6635b17551f386b50bb5aaff9b75fbe. OP-TEE logic in U-Boot automatically...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021562)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021562 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a...
RHEL 9 : git-lfs (RHSA-2026:19350)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19350 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while...
RHEL 9 : firefox (RHSA-2026:19370)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19370 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
Fedora 44 : opencryptoki (2026-1273c7855d)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1273c7855d advisory. Fix CVE-2026-23893, Privilege Escalation or Data Exposure via Symlink Following Tenable has extracted the preceding description block directly from...
RHEL 10 : git-lfs (RHSA-2026:19715)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19715 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while...
Linux Distros Unpatched Vulnerability : CVE-2026-43462
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: spacemit: Fix error handling in emactxmemmap The DMA mappings were leaked on mapping...
Fedora 43 : opencryptoki (2026-6c3b6ec624)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6c3b6ec624 advisory. Fix CVE-2026-23893, Privilege Escalation or Data Exposure via Symlink Following Tenable has extracted the preceding description block directly from...
Amazon Linux 2023 : python3.12-pip, python3.12-pip-wheel (ALAS2023-2026-1666)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1666 advisory. pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021650)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021650 advisory. In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow An UAF can happen when /proc/cpuset is read as...
RHEL 8 : dovecot (RHSA-2026:19455)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19455 advisory. Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3...
RHEL 9 : openexr (RHSA-2026:19587)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19587 advisory. OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents ...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021531)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021531 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: set the right AMDGPU sg segment limitation The driver needs to set the correct...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021617)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021617 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix the Out-of-bounds read warning using index i - 1U may beyond element index for...
RHEL 9 : libtiff (RHSA-2026:19608)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19608 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrar...
Linux Distros Unpatched Vulnerability : CVE-2026-43434
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rustbinder: check ownership before using vma When installing missing pages or zapping them,...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021625)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021625 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelfind The per-netns IP tunnel hash tab...
RHEL 9 : glib2 (RHSA-2026:19459)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19459 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in...
Linux Distros Unpatched Vulnerability : CVE-2026-43410
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - firmware: stratix10-rsu: Fix NULL pointer dereference when RSU is disabled When the Remote System Update RSU isn't enabled in the First Stage Boot Loader FSBL,...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021586)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021586 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated...
RockyLinux 9 : firefox (RLSA-2026:19201)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19201 advisory. firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScri...